Their Story Chats At Black Hat Conference 2018 | Jonathan Sander From STEALTHbits

Their Story - Jonathan Sander – STEALTHbits.jpeg

A Their Story interview with John Dasher

ITSPmagazine’s John Dasher sat down at Black Hat 2018 with Jonathan Sander of STEALTHbits to chat about unstructured data, protecting credentials, ransomware, machine learning – and Sylvester Stallone. Plus, he explains how STEALTHbits can help protect an organization’s sensitive data from insider threats and automate security and compliance tasks.

STEALTHbits protects credentials and data by helping people secure unstructured data (files and human-generated stuff) – and the byproduct of that is that they help them lock down the credentials that they use to access that. This is the normal, everyday user who, say, saves a spreadsheet full of data but then also clicks on a phishing email and gets infected and has that data stolen.

The number one move in the world of unstructured data and active directory is: delete.
— Jonathan Sander

The big question they get asked all the time is: you understand all my credentials and especially things like complicated relationships and active directory groups, but what do you use those groups to do? Jonathan says that about 86% of the problem they see is granting access to some file share or some service – and most of that is about unstructured data. Someone leaves company and the credentials are left there. Or, as John, says: “AD is where credentials go to die.”

Jonathan puts this into perspective by mentioning the Sony hack: one of the things that was exposed was Sylvester Stallone’s social security number from a contract that was 14 years old. It was collateral damage that could’ve been completely eliminated with deletion.

They also touch on machine learning, automation and more in the context that there are still 1 million successful ransomware attacks per month.

Learn more about STEALTHbits here.


For more updates from Black Hat Conference 2018, visit:
https://www.itspmagazine.com/black-hat-usa-news-event-coverage