On account of the growing number of ransomware and sophisticated attacks, Tenable, the Cyber Exposure company, has developed 10 foundational configuration checks for its solutions
It includes Tenable.io, Tenable.sc and both Nessus Professional and Nessus Essentials, that assess Microsoft Active Directory security readiness and align remediation efforts based on the threat landscape. These checks leverage Tenable’s expertise in securing Active Directory environments through Tenable.ad and are available immediately for existing customers at no extra charge.
Bad actors have set their sights on the one system that connects everything on the corporate network- from cloud, web apps, traditional IT and operational technology (OT): Active Directory. According to Frost & Sullivan, 90% of the Fortune 1000 use Active Directory as their primary method for authentication and authorisation. Active Directory is mostly the first target for bad actors once they gain a foothold in the enterprise. The Solarwinds hack and a string of high-profile ransomware attacks that crippled critical infrastructure have highlighted the critical role that Active Directory plays in enterprise security and the problems that occur if not expertly configured, audited and monitored for high-risk activities.
Tenable has, in response, launched 10 foundational checks within its solutions to help customers detect commonly exploited weaknesses in Active Directory, protecting credentials and preventing privilege escalation. Organisations can immediately use the checks to assess their exposure to a range of risks, including Kerberoasting attacks, poorly configured or managed passwords and vulnerable encryption protocols. Then, security teams can take remedial action to close these potential attack paths.
“We’re seeing the weaponisation of Active Directory by bad actors virtually every time a new ransomware attack or hack makes the headlines. Securing Active Directory is one of the most critical steps virtually any organization should take to build stronger cyber defenses and a solid foundation for their digital business,” said Renaud Deraison, co-founder and chief technology officer, Tenable.