StealthINTERCEPT 6.1 is Here!

Delivering important enhancements to Active Directory (AD) and LDAP auditing functionality as well as “audit-only” password policy compliance monitoring capabilities.

Request A Free Trial

Powered by ChronoForms - ChronoEngine.com

At the crossroads of Operations and Security, STEALTHbits Technologies enables administrators to make sense of native LDAP logging within AD. StealthINTERCEPT for LDAP has been enhanced in v6.1 to provide even deeper insight into LDAP traffic, helping to make short work of digesting the most important LDAP activities. Version 6.1 introduces new capabilities to help further filter out excessive, inconsequential noise activities, as well as pinpoint specific scenarios like applications leveraging unsecured LDAP protocols and inefficient queries that can be optimized to reduce unnecessary load on domain controllers.

In addition, StealthINTERCEPT Enterprise Password Enforcer (EPE) has been enhanced to provide a useful “audit-only” mode, allowing organizations to gauge the extent of their password complexity issues through passive observation over time before implementing EPE’s enforcement controls. Whether the decision to strengthen password policy is to adopt the new NIST password guidelines or add additional security checks to prevent weak password usage, leveraging EPE’s “audit-only” mode will allow organizations to prepare for and subsequently limit the impact on end-users and helpdesks alike when tighter password restrictions are implemented and enforced.

HIGHLIGHTS OF THE NEW RELEASE

ENHANCED LDAP AUDITING

  • Secure LDAP Queries – StealthINTERCEPT now supports LDAPS, as well as Kerberos Sign and Seal detection
  • Query Run Time – StealthINTERCEPT can now filter queries that have a run time above or below a given threshold to identify inefficient queries
  • Enhanced User and Computer Filtering – StealthINTERCEPT’s LDAP query filter has been enhanced to reduce unnecessary activity
  • Exclude Query – Users can now apply exclusion filters based on the search string or search base/base DN of the search

LDAP is a highly leveraged communication protocol within AD and is most commonly used to query information from AD to facilitate authentication and authorization processes. LDAP queries can be both burdensome from a performance perspective when improperly configured and used for nefarious purposes by attackers performing reconnaissance activities, however, making the need for insight into the LDAP queries being run in an environment a necessity for operational and security purposes. Unfortunately, native LDAP logging within AD is kluge, noisy, and highly resource intensive, making it highly challenging for many administrators to make heads or tails of the data they capture, if they can at all.

PASSWORD POLICY COMPLIANCE MONITORING (EPE AUDIT-ONLY MODE)

A user’s account password is often the only thing standing between an attacker and the data they want to access to. As a result, strong, unique passwords are critical for users to leverage to mitigate the risk of account compromise through brute force and other password guessing attacks.

Unfortunately, one of the largest security challenges organizations face is changing their password policy. Not only is it difficult to modify end-user behavior, but the controls just are not available natively within AD to ensure users are creating passwords that are truly unique.

With this latest release, STEALTHbits allows users to implement a password policy using an “audit-only” mode that verified if the password supplied during a change is compliant with desired policy, rather than only rejecting it.

Learn About StealthINTERCEPT

Resources

StealthINTERCEPT

Data Sheet

Learn More

Active Directory Security Monitoring: The 5 Most Critical Points

White Paper

Learn More

Enterprise Password Enforcer

Data Sheet

Learn More

Free Risk Analysis STEALTHbits' Credentials and Data Security Assessment is your Business-Justification-in-a-Box!x