GoSecure has released Titan Identity, a solution that combines technology with a managed service to provide a cost-effective, deployable solution that enables organizations to improve credential theft response times.
Threat actors use a variety of techniques to exploit identity services such as Active Directory because they recognize that identity controls access to everything. Insufficient privilege access and lateral movement controls were found in 93% of Microsoft investigations conducted during ransomware recovery engagements, according to Microsoft’s 2022 Digital Defense Report.
Jeff Schmidt, CTO at GoSecure commented, “Any company operating Windows and using domain identity has a common, high-risk attack surface. Unfortunately, early detection often fails because of excess noise, poor visibility, or uninformative alerts.
Titan Identity is a specialized solution intended to complement, rather than compete with, a SIEM by focusing on attacks against domain identity, where specialized technology and insight can deliver superior results.”
Detecting these attacks in the shortest possible timeframe is critical for reducing the likelihood of a successful breach. Yet, breaches caused by stolen or compromised credentials had the longest lifecycle — 243 days to identify the breach, and another 84 days to contain the breach (IBM Cost of a Data Breach Report 2022).
GoSecure Titan Identity is a purpose-built detection service designed to reduce the time it takes to detect and respond to attacks on enterprise identity systems such as Microsoft Active Directory.
Key advantages consist of:
- Reduced detection and response times for the Incident Response team thanks to continuous, ongoing visibility into identity attacks across hosts, servers, VMs, containers, desktops, and laptops across the enterprise.
- Decreased false positives, avoided a second user interface, and delivered alerts with enhanced messages to increase productivity for analysts.
- Increased return on previous investments in SIEM/SOAR by utilizing SIEM infrastructure, enabling use of non-SIEM logs that exceed your indexing and storage budget, and supporting new SOAR playbooks with automated actions.
- Verifiable accuracy is made possible by continuous, automated testing and performance measurement.
- By avoiding network probes and sensors, deployment and change costs will be lower.
- Increasing the internal team’s capacity to detect identity attacks by giving them access to a team of data scientists.