Hot Topics

Cradlepoint Adds SASE Platform for 5G Wireless Networks
BTS #28 - 5G Hackathons - Casey Ellis
CCPA Compliance with Accutive Data Discovery and Masking: Understanding and protecting your sensitive data
USENIX Security ’23 - Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)
USENIX Security ’23 - Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)

Home » Security Bloggers Network » Need an Insurance Policy Against Ransomware Attacks? Get Silverfort’s Free Identity Security Assessment

Need an Insurance Policy Against Ransomware Attacks? Get Silverfort’s Free Identity Security Assessment

by Don Hoffman on February 2, 2023

Many organizations are struggling today with aligning their security controls with what underwriters now require in order to get insurance coverage against ransomware attacks. From the identity protection perspective, even the initial discovery of MFA and administrative access gaps to address can be a severe challenge, due to a lack of tools that can reveal the security posture of all admin users and service accounts. This is why Silverfort is launching a free identity security assessment offering — to assist organizations in this task and enable them to easily meet insurers’ requirements.

What is Silverfort’s Free Identity Security Assessment?

Silverfort’s free identity security assessment enables cyber insurance applicants to overcome these obstacles by providing comprehensive visibility into all admin accounts that need MFA protection as well as into all service accounts, including their privilege level and activities. In addition, the assessment also uncovers any security hygiene issues that can expose the environment to identity threats, while also detecting any active ones already underway. With this information in hand, organizations can easily identify the identity security gaps preventing them from aligning with what insurers require, so they can resolve them to get the cyber insurance policy they need.

Silverfort’s identity security assessment provides you with findings from the following types:

Findings Type 1: Admin Users Visibility

The most stringent requirements that insurers have is to apply MFA protection on all administrative access across various resources in the environment, such as directory services, networking infrastructure, command line access, and others. Silverfort’s assessment provides complete visibility into all admin users (including shadow admins you might not be aware of) and the resources they access, enabling you to easily see their existing level of MFA coverage and – in the case of any gaps – extend this protection to all necessary users and resources.

Sponsorships Available

Findings Type 2: Service Accounts Discovery

Another important aspect of cyber insurance eligibility is being able to demonstrate that you can monitor and protect your service accounts. Silverfort’s assessment provides you with complete visibility into your service accounts inventory and also shows you their privilege levels, source and destination, and the overall activity of each account. Most importantly, this assessment will enable you to determine whether any of these accounts is at risk or is behaving in an anomalous way that could indicate its compromise.

*Screenshot 2: Service accounts discovery*

Findings Type 3: Identity Security Hygiene

Silverfort’s assessment tool can also identify security weaknesses in your environment that reduce its resilience to identity threats, exposing it to various attack methods. Examples of these include stale passwords in use, accounts with passwords that never expire, admin users with SPN (making them vulnerable to Kerberoasting attacks), as well as the use of any weak protocols like NTLM and NTLMv1. Resolving these previously undetected hygiene issues is a key step in reducing a threat actor’s ability to attack your environment.

*Screenshot 3: Identity security hygiene*

Findings Type 4: Active Identity Threats

Silverfort’s risk assessment can also spot any live identity threats that are active in the environment at the time of the assessment. These include common lateral movement techniques (Pass-the-Ticket, Pass-the-Hash, etc.), credential capture such as Kerberoasting, brute force attempts, and others that involve the compromise of credentials and use of them for malicious access. These techniques are what enable ransomware actors to spread within a targeted environment and escalate the impact of their attacks — from a single machine to an entire network.

Take the Next Step with Your Identity Security

Complying with all the new requirements for a cyber insurance policy can be a challenge, especially if you don’t have full visibility into your environment. Thanks to Silverfort’s free identity risk assessment, organizations can meet this challenge head-on. Uncover your security gaps, qualify for cyber insurance, and eliminate the threat of ransomware. Sign up today.

The post <strong>Need an Insurance Policy Against Ransomware Attacks? Get Silverfort’s Free Identity Security Assessment</strong> appeared first on Silverfort.

*** This is a Security Bloggers Network syndicated blog from Blog - Silverfort authored by Don Hoffman. Read the original post at: https://www.silverfort.com/blog/need-an-insurance-policy-against-ransomware-attacks-get-silverforts-free-identity-security-assessment/