Netwrix Blog | Insights for Cybersecurity and IT Pros

This post first appeared on blog.netwrix.com and was written by Jeff Warren.
PowerShell is one of the most popular platforms for malicious actors. To protect your critical data and systems, it’s vital to implement strategies for blocking and detecting attacks that exploit PowerShell. However, you should not assume those security measures are airtight — adversaries are constantly looking for ways to bypass your defenses. Let’s explore three … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Introduction Administrators can perform all typical Windows registry operations using either the old-good regedit user interface or the reg.exe utility. But there is another option — PowerShell. PowerShell can dramatically streamline the work of managing the registry, either on the local machine or remotely. In this article, we’ll detail how to create, manage and delete … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
If your organization runs on Microsoft Active Directory, you rely on one or more domain controllers to keep AD operations going. On the surface, Active Directory seems to run on a peer-to-peer models in which every domain controller (DC) has the authority to create, modify, and delete AD objects. That is because every domain controller holds … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Effective user management allows people to access resources while protecting the security and integrity of data and IT infrastructure. With the rise of remote work and cloud-based applications and infrastructure, user management is a foundational security measure.  User management also streamlines the process of creating, controlling, and deleting user accounts, lightening the administrative burden on … Continued

This post first appeared on blog.netwrix.com and was written by Kevin Horvatin.
System administrators perform a variety of standard operations on their Windows servers every day, including creating, deleting, and moving files and folders. By becoming fluent with the core set of Active Directory (AD) PowerShell commands provided in this blog post, you can dramatically reduce the manual work involved to create a file in PowerShell. Before you start, ensure your … Continued

This post first appeared on blog.netwrix.com and was written by Jeff Warren.
Today, cyberattacks are no longer a matter of if, but when. Spotting malicious actors before they can do damage requires a proactive approach. One effective strategy is to use honey tokens. This article explains what honey tokens are and how Netwrix Threat Manager enables organizations to easily create and use them to gain the threat … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
When intruders want to break into an establishment, they look for an opening. An open port is one of the openings that a hacker or threat actor looks for to access a digital network. That open port may be on a firewall, a server, or any network-connected computing device. Just as a single unlocked door … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
A robust malware prevention and detection strategy is critical to cyber security and cyber resilience today. After all, a single malware infection can inflict serious financial damage — from business disruptions and remediation costs to lasting reputational damage and customer churn. To help, this blog explains the types of malware organizations need to defend against … Continued

This post first appeared on blog.netwrix.com and was written by Sean Bergman.
Introduction to Database Security In today’s digitized world, the heart of any organization’s IT infrastructure is arguably its database systems. Databases host a wide range of information, from sensitive customer data to proprietary business intelligence — which makes them a top target for cyberattacks. As a database administrator (DBA), you need a solid grasp of … Continued

This post first appeared on blog.netwrix.com and was written by Christopher Nieves.
SharePoint makes collaboration and sharing exceedingly easy — which can put sensitive and regulated content at risk. Accordingly, administrators need to put guardrails in place that facilitate appropriate sharing and prevent data leakage. Download eBook: Best Practices for SharePoint and SharePoint Online In SharePoint Online, the primary way for a user to grant access to resources is … Continued

This post first appeared on blog.netwrix.com and was written by Chris Roney.
Every organization faces data security threats, which become more complex when integrating technologies like cloud computing or hybrid working options. That’s why it is critical to implement robust data protection to safeguard critical assets such as intellectual property, personally identifiable information, and sensitive financial data. This challenge is further augmented by the growing number of … Continued

This post first appeared on blog.netwrix.com and was written by Tyler Reese.
This article explains what IGA is and the benefits it offers. It also clears up some misconceptions about IGA and offers guidance about what to look for when assessing candidate IGA solutions. Download eBook https://www.netwrix.com/identity_governance_and_administration_leadership_compass.html What is Identity Governance and Administration? Identity governance and administration (IGA) is a security discipline focused on helping organizations manage … Continued

This post first appeared on blog.netwrix.com and was written by Martin Cannard.
“Never trust; always verify.” That’s the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: “Trust but verify.” As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model and toward an identity-first model. Zero Trust assumes that every attempt … Continued

This post first appeared on blog.netwrix.com and was written by Joe Dibley.
The National Institute of Standards and Technology (NIST) helps organizations implement best practices across their operations, including cybersecurity. In particular, NIST password guidelines outlines are considered the gold standard for solid password creation and management policies. This article explains the current NIST password guidelines, detailed in Special Publication 800-63B, “Digital Identity Guidelines,” and how organizations can … Continued

This post first appeared on blog.netwrix.com and was written by Ian Andersen.
One of the most common ways for attackers to slip into a corporate network is by compromising the username and password of a legitimate user account. Usernames are typically trivial to guess because they follow an established standard in a given organization, such as [email protected]. Unfortunately, compromising basic passwords is also surprisingly easy for threat … Continued

This post first appeared on blog.netwrix.com and was written by Ian Andersen.
Identity theft is a concern for everyone living in the digital age. By stealing someone’s identity, a criminal can gain access to their credit cards and financial accounts or apply for credit using the victim’s identity. The compromise of your identity can lead to numerous troubling circumstances. Cybercriminals have learned to leverage identity theft to … Continued

This post first appeared on blog.netwrix.com and was written by Ian Andersen.
Gartner listed identity threat detection and response (ITDR) among its top security and risk management trends for 2022 and beyond — and study after study keeps verifying the importance of an effective ITDR strategy. For example, the Identity Defined Security Alliance (IDSA) revealed that more than 90% of the organizations it surveyed suffered an identity-related attack … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
Modern IT infrastructure is comprised of various interconnected network components that make communication and resource sharing possible throughout your organization. Whether securing sensitive data, facilitating collaboration, or simply ensuring uninterrupted access, a network of devices is at play—and the elements of these devices are critical to a business’s successful operation. Below, we explore network devices’ … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Your organization deals with various forms of sensitive information. It could be company secrets, customer data, or proprietary research — whatever the case, security should be your top priority.  This is especially true given the heightened security concerns worldwide, with malicious actors targeting businesses everywhere. As such, you must protect your business’s interests and comply … Continued

This post first appeared on blog.netwrix.com and was written by Craig Riddell.
Introduction Enterprise identity and access management (IAM) is the discipline of managing digital identities and their access to data, applications, systems and other resources. It addresses two fundamental questions: In other words, IAM helps organizations ensure that exactly the right accounts exist and that each user can access exactly the right resources based on their … Continued