XM Cyber, the hybrid cloud exposure management company, is unveiling improvements to its continuous exposure management capabilities, targeting ever-growing hybrid cloud active directory attacks, as well as optimizing the way security teams prioritize and address threats.
Cybersecurity evolves as quickly as enterprises innovate and grow, where a seemingly infinite quantity of complexities is introduced as attack surfaces become increasingly large and complex.
Identity and credential exposures continue to pose a massive security threat; in a recent attack, threat actors compromised Azure AD Connect through a technique that steals PRT tokens, which expands their attack blast radius.
Addressing this new technique and other attack methods, XM Cyber is broadening its attack graph mapping technology to ultimately reduce the effort necessary to optimize an enterprise’s security posture, further eradicating these high-risk attack paths.
“As the attack surface continues to expand, it can be challenging for us to prioritize our remediation efforts, decipher benign alerts and determine which exposures actually pertain to the most imminent risks to our organization’s critical assets,” said the director of security at a U.S. insurance company. “XM Cyber helps us combat this challenge by accurately analyzing our environmental risk and effectively pinpointing high priority exposures which require immediate attention. Their step-by-step remediation guidance has also streamlined our exposure resolution timelines and drastically improved overall security posture.”
In combination with the aforementioned expansion, XM Cyber’s recently released platform will receive added automations that simplify the remediation of excessive shadow-admin permissions.
This comes as a result of insights surfaced by XM Cyber’s attack graphs, which illustrated that the list of admin permissions that are responsible for the highest risk are correlated against historic usage of these accounts. This information empowers customers with the subset list of these permissions to mitigate against future attacks without interrupting business processes, according to the company.
“Attackers continue to leverage identity exposures to execute malicious acts as they enable lateral movement and most often boast the best end reward—access to critical assets,” said Boaz Gorodissky, CTO and co-founder at XM Cyber. “As illustrated by our latest platform enhancements, our objective is to provide organizations with the ability to bring IT and security teams together to remediate, or find alternatives ways to resolve, the few exposures that pose the highest risk to the business. By focusing efforts on remediating what matters most, it can lead to significant improvements in efficiencies amongst security teams and also greatly reduce an organization’s overall attack surface with a few simple fixes.”
To learn more about XM Cyber’s latest improvements and capabilities, please visit https://xmcyber.com/.