ITSPmagazine’s John Dasher sat down at Black Hat 2018 with Jonathan Sander of STEALTHbits to chat about unstructured data, protecting credentials, ransomware, machine learning – and Sylvester Stallone. Plus, he explains how STEALTHbits can help protect an organization’s sensitive data from insider threats and automate security and compliance tasks.
STEALTHbits protects credentials and data by helping people secure unstructured data (files and human-generated stuff) – and the byproduct of that is that they help them lock down the credentials that they use to access that. This is the normal, everyday user who, say, saves a spreadsheet full of data but then also clicks on a phishing email and gets infected and has that data stolen.
The big question they get asked all the time is: you understand all my credentials and especially things like complicated relationships and active directory groups, but what do you use those groups to do? Jonathan says that about 86% of the problem they see is granting access to some file share or some service – and most of that is about unstructured data. Someone leaves company and the credentials are left there. Or, as John, says: “AD is where credentials go to die.”
Jonathan puts this into perspective by mentioning the Sony hack: one of the things that was exposed was Sylvester Stallone’s social security number from a contract that was 14 years old. It was collateral damage that could’ve been completely eliminated with deletion.
They also touch on machine learning, automation and more in the context that there are still 1 million successful ransomware attacks per month.
For more updates from Black Hat Conference 2018, visit: