• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Withings Body Comp smart scale review

May 30, 2023

2 Key Differences Between Modern Founders And Their Predecessors

May 30, 2023

How to Make Meetings Shorter (for Real)

May 30, 2023
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    It’s 2023 and Spotify Still Can’t Say When AirPlay 2 Support Will Arrive

    April 4, 2023

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Security»How identity threat detection and response are the latest tools in cybersecurity arsenals
Security

How identity threat detection and response are the latest tools in cybersecurity arsenals

October 6, 2022No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
How to measure cyber risk: The basics of cyber risk quantification 
Share
Facebook Twitter LinkedIn Pinterest Email

Learn how your company can create applications to automate tasks and generate further efficiencies through low-code/no-code tools on November 9 at the virtual Low-Code/No-Code Summit. Register here.


There are many trends in cybersecurity today, as organizations battle ever more cunning and prevalent cybercriminals; new tools and methods are emerging all the time.

One of the latest: identity threat detection and response (ITDR). The term was only just coined by Gartner in March.

The firm points out that sophisticated threat actors are actively targeting identity and access management (IAM) infrastructure, and credential misuse is now a primary attack vector. ITDR, then, is the “collection of tools and best practices to defend identity systems.”

This adds another layer of security to even mature IAM deployments, said Mary Ruddy, a VP analyst at Gartner. 

Event

Low-Code/No-Code Summit

Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

“Identity is now foundational for security operations (identity-first security),” she said. “As identity becomes more important, threat actors are increasingly targeting the identity infrastructure itself.” 

Simply put, “organizations must focus more on protecting their IAM infrastructure.”

Securing identity with identity threat detection and response

Stolen credentials account for 61% of all data breaches, according to Verizon’s 2022 Data Breach Investigations Report. Gartner, meanwhile, attributes 75% of security failures [subscription required] to lack of identity management; this is up from 50% in 2020, the firm reports. 

As noted by Peter Firstbrook, a research VP at Gartner, organizations have spent considerable effort improving IAM capabilities, but most of that focus has been on technology to improve user authentication. While this may seem beneficial, it actually increases the attack surface for a foundational part of the cybersecurity infrastructure. 

See also  The evolution of threat modelling as a DevSecOps practice

“ITDR tools can help protect identity systems, detect when they are compromised and enable efficient remediation,” he said. 

One early entrant in the category is Boston-based startup Oort, which today announced the completion of a $15 million round including both seed and series A investments. 

Other companies in the space include Attivo Networks (SentinelOne), CrowdStrike, Portnox, Illusive, Authomize, Quest Cybersecurity and Semperis (among others). 

“Account takeover has become the dominant attack vector in 2022, said Oort CEO, Matt Caulfield.

Compromised identities have been the primary target in every recent major breach, he noted — Okta, Lapsus$, Uber, Twilio, Rockstar. 

“ITDR addresses this issue directly by locking down accounts that are vulnerable to takeover and by monitoring the behavior of all accounts to uncover suspicious activity,” said Caulfield. 

Preventing account takeover

The most common identity vulnerability: weak multifactor authentication (MFA). 

As Caulfield pointed out, most organizations are either not enforcing second-factor authentication, or they are enforcing it but still allowing weak forms of MFA, such as SMS. These are “highly susceptible to phishing and man-in-the-middle attacks,” he said. 

Oort detects accounts with weak MFA configuration and guides the account owner to adopt stronger authentication, thereby protecting those identities.

The platform can correlate data across multiple identity sources into a single unified view of the attack surface, said Caulfield. Its underlying architecture is a security data lake powered by Snowflake; this enables the platform to “ingest and store massive volumes of data.” Oort is also built on AWS Lambda, which allows it to automatically scale data-streaming architecture. 

See also  CloudMensis Malware Focusing on macOS Methods

The tool works with existing identity systems such as Okta and Microsoft Azure AD to enable comprehensive and quick ITDR. 

To secure its platform, Oort has gone through what Caulfield described as “rigorous testing” to meet industry standards and receive critical certifications, including SOC 2 Type 2. 

“No other tool can answer ‘Who is this user? What do they have access to?’ And, ‘what are they doing with that access?’” said Caulfield, who contends that his company is positioned to lead the young category.

All told, “ITDR helps enterprise security teams to discover, secure and monitor their full population of identities so they can mitigate that risk and prevent account takeover.” 

Nascent market

The company plans to use the funds to execute on its go-to-market (GTM) strategy by building out its sales and marketing functions. 

As Caulfield noted, the intention is “to capture the nascent ITDR market opportunity as an early leader in the space.” 

The funding round was co-led by .406 Ventures and Energy Impact Partners (EIP), and also included Cisco Investments. They join existing investors 645 Ventures, Bain Capital Ventures and First Star Ventures.

Source link

arsenals Cybersecurity Detection identity latest Response threat tools
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Doctors Behind Mifepristone Ban Called ‘Christians’ a Top Threat

May 5, 2023

Eight Effective Methods For Educating Consumers About Cybersecurity

March 31, 2023

Database giant Snowflake closes deal to acquire tools from Mobilize.net – Startup

February 20, 2023

Plant-based chicken startup Rebellyous Foods raises $9.5M to launch latest production tech – Startup

February 4, 2023
Add A Comment

Comments are closed.

Editors Picks

Mobile payment apps: How to stay safe when paying with your phone

June 25, 2022

Fb’s newest house feed focuses on beneficial content material

July 21, 2022

The Ascent Cyber Heist DLC is coming later this month

August 5, 2022

StrikerVR is Launching Its Most Affordable VR Gun Accessory Yet

September 5, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Withings Body Comp smart scale review

2 Key Differences Between Modern Founders And Their Predecessors

How to Make Meetings Shorter (for Real)

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2023 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.