Inaugural Identity Risk Research Report Discovers Identity Risks in All Organizations; New Solution Continuously Discovers and Mitigates Top Vector for Cyberattack
Illusive, the leader in identity risk management, announced the publication of Analyzing Identity Risks (AIR) 2022, a cybersecurity research report that examines the unmanaged, misconfigured and exposed identity risks that leave all organizations vulnerable to attack, despite the deployment of privileged account management (PAM), multi-factor authentication (MFA) and other identity and access management (IAM) solutions. Illusive has witnessed these blind spots firsthand while working with numerous security teams in the financial services, healthcare, and retail sectors to produce this report.
Latest Aithority Insights: Ad Industry Charts Path Forward On Addressability: Pram Transitions Ami Oversight To Daa, Individual…
The company also announced the launch of Illusive Spotlight and Illusive Shadow, its patented identity risk management platform that enables organizations to automatically and continuously discover, mitigate and protect against identity risks.
According to Gartner, “Many breaches are caused by security and identity tools that have been misconfigured, not fully configured or whose configurations are out of date.”1
Exploitable identity risks enable attackers to gain initial access, establish their persistence on a network, elevate their privileges, evade defenses, and accelerate their lateral movement until they have taken complete control.
Analyzing Identity Risks (AIR) 2022 includes quantitative insights into unmanaged, misconfigured and exposed identity risks, as well as real-world examples of how these identity risks manifest themselves. Key findings include:
- Unmanaged Identity Risks – 87% of local admins were not enrolled in PAM solutions, such as Microsoft’s Local Administrator Password Solution (LAPS).
- Misconfigured Identity Risks – 40% of shadow admins (i.e., misconfigured users with unintended privileges) can be easily exploited – if an attacker compromised one of these misconfigured identities, they would only need one entitlement, such as resetting the password of a domain admin, to elevate their privileges to a Domain Admin.
- Exposed Identity Risks – More than 1 in 10 (13%) endpoints contain privileged account passwords that have been left exposed (e.g., cached credentials). This is the digital equivalent of leaving your username and password written on a sticky note, and there are a variety of tools that attackers utilize to dump these privileged credentials so that they can be exploited.
Browse The Complete News About Aithority: Amdocs Enables 12 Billion Complex Charging Transactions Per Day On AWS
“As ransomware attacks reach record-breaking levels, the complexity of managing Active Directory and the limitations of existing identity and access management solutions have created an identity security gap that attackers easily exploit,” said Ofer Israeli, CEO & Founder, Illusive. “And it isn’t just a gap – it’s a major blindspot – this research is proof that organizations lack visibility into the identity risks that leave them vulnerable to an attack.”
Announcing Illusive Spotlight and Illusive Shadow
Illusive’s platform is a full lifecycle identity risk management solution. Illusive Spotlight automatically and continuously discovers and mitigates privileged identity risks. Illusive Shadow protects against identity risks that can’t be readily remediated. Key features include:
- Continuous Discovery – Illusive scans endpoints, servers, and Active Directory for identity risks.
- Automated Remediation – Illusive automatically clears cached credentials from endpoints and servers.
- Proactive Protection – Compensating controls monitor and protect identity risks.
Read More About Aithority News : 1plusx Continues Us Expansion With Hire Of Jeb Lambert As New Sales Lead
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.