Page 212 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 212
it harder for attackers to steal and use them. Defenders can also be proactive, placing false credentials
on network endpoints to trick attackers into stealing them. When an attacker attempts to use a set of
deceptive credentials, the system can flag it as attacker activity and notify defenders in real time. In
addition to seeding decoy credentials, organizations can also take steps to hide their real credentials,
making them invisible to attackers. Much like defenders cannot protect what they cannot see, attackers
cannot steal what they cannot see. And if they can’t compromise a valid identity, they will find it that much
harder to break out from the endpoint and escalate their attacks.
Bringing Endpoint and Identity Security Together
Organizations are increasingly implementing ITDR solutions to complement EDR tools and provide the
ability to address credential theft, credential misuse, privilege escalation, and other attack activities that
traditional endpoint security solutions are not designed to manage. Together, these solutions can help
defenders identify potential vulnerabilities on the endpoint while adding real-time detection capabilities to
identify suspicious activities like mass account or password changes, brute force attacks, use of disabled
accounts, and more. The ability to conceal valid credentials while seeding fake ones designed to attract
adversaries adds a new layer of defense designed to make it harder for attackers to break out from the
endpoint and reach Active Directory. By rethinking their approach to endpoint security and integrating it
with identity-based solutions, today’s organizations can shore up their defenses against some of today’s
most prevalent—and evasive—attacks.
About the Author
Carolyn Crandall is the strategic advisor for SentinelOne, an autonomous
cybersecurity platform company. Prior to SentinelOne, Carolyn served as the
Chief Security Advocate and CMO at Attivo Networks. She is a high-impact
technology executive with over 30 years of experience in building new
markets and successful enterprise infrastructure companies. She has a
demonstrated track record of taking companies from pre-IPO through to
multibillion-dollar sales and held leadership positions at Cisco, Juniper
Networks, Nimble Storage, Riverbed, and Seagate.
212