CyberArk launches latest “CyberArk DNA” to detect Pass-the-Hash vulnerabilities

24th February 2014 | By Mouseworld Now Correspondent |

CyberArk-DNANew Delhi, India, February 24, 2014:  CyberArk, an enterprise security player, today unveiled the latest version of Discovery & Audit (DNA), the first tool on the market to identify and map exposed privileged password hashes and all related vulnerable machines on a network.

CyberArk DNA is a light-weight, stand alone tool that exposes the magnitude of privileged account security risks by enabling organizations to easily identify and analyze all privileged accounts across their network. CyberArk DNA v4 free trial licenses are currently available to all businesses for a limited time.

Pass-the-Hash attacks represent a significant risk to organizations, as they are frequently used as an attack vector in advanced threats. Pass-the-hash attacks capture account logon credentials on one computer and then use those credentials to gain access to other computers on the same network. Attackers use this technique to gain a foothold and harvest hashes to steal access to privileged systems and machines, travelling across the network until reaching their ultimate target – a company’s intellectual property or data.

Roy Adar, vice president of product management at CyberArk, said, “Pass-the-Hash attacks have been an attack vector in some of the most spectacular breaches, and they continue to be a major threat to businesses.”
“Understanding the extent of the vulnerability is the critical first step in mitigating the risk of pass-the-hash. CyberArk DNA is the only tool on the market designed to identify and visualise an organisation’s privileged account risk exposure – being able to simultaneously scan for pass-the-hash vulnerabilities is a natural extension of the security and audit tool,” added Adar.
Headquartered in Petach Tikvah, Israel, CyberArk proactively secures enterprises against cyber threats, which use insider privileges, before attacks can escalate and do irreparable damage to business.

Preventing Pass-the-Hash – Privileged Account Security

Password hashes serve as an authenticator across a network, making them a priority target for attackers. Hashes on endpoints often include the privileged credentials of a network administrator, or services that perform privileged actions on the endpoint. Attackers who penetrate these endpoints can steal the hashes to escalate their network privileges to help carry out their attack. Due to this, tight control and security of privileged credentials can significantly reduce a company’s exposure to pass-the-hash attacks.

The first step in addressing pass-the-hash vulnerabilities is to understand the risk landscape in the enterprise. CyberArk DNA v4 is the first tool to identify password hashes, locating all vulnerable machines on a network to provide the most accurate and reliable data about an organization’s exposure.

According to CyberArk, best practices for protecting against pass-the-hash attacks include (first) securing administrative access to machines with password masking and aging credentials. This reduces the risk of attackers gaining access to the hashes.

Second, frequently changing privileged account passwords (CyberArk recommends automating password changes and restricting them to one-time use to ensure tight security standards). Third, implementing and enforcing least privileges for all administrators.

The latest edition of CyberArk DNA v4, combined with CyberArk’s full portfolio of privileged account security solutions, provides businesses with the most complete solution for protecting against pass-the-hash attacks.

 

Tags: , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 7 + 14 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • Rashi Peripherals Conducts Multi-City Enterprise Partner Meet more...
  • Second Edition of Annual 4.5G & 5G Innovation Summit concludes on a successful note more...
  • Wydr launches India Wholesale E-Fair more...
  • Snapdeal clocks record 3x growth in Kids Category more...
  • Paytm ensures 100% security for users’ identity in Money transfers more...
Subscribe via email

Enter your email address:

Follow us on Facebook
QUESTION HOUR
What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration