Illusive has released its enhanced ITDR solution, which enables organizations to protect privileged identities, which are at risk of cyberattack and regulatory non-compliance.
Account takeover attacks, which evade traditional detection and reduce attack duration to days instead of months, have become the leading vector of cyberattacks.
According to Gartner, “Deploying and maturing ITDR is a critical security practice.”
Illusive’s ITDR solution, Illusive Spotlight and Illusive Shadow, enable comprehensive detection of unmanaged, misconfigured and exposed identity risks that leave every organization vulnerable to attack. It delivers aggregated, prioritized and contextualized insights into identity risks, so security teams can focus on addressing their biggest risks first. Additionally, the solution fully automates remediation with no risk of business impact.
Illusive’s agentless approach examines directory structures (e.g., Active Directory), privileged access management (PAM) solutions (e.g., CyberArk, Delinea), endpoints, servers and services, revealing gaps between the intent of an organization’s identity security policies and the reality of their environment. Illusive prevents attacks by removing what attackers need to succeed: privileged account access.
New features and benefits in Illusive’s ITDR solution include:
- MITER ATT&CK relationship with risk – Relate identity risk factors to MITER ATT&CK tactics, procedures and sub-techniques. Dashboard-level information that provides an aggregated view of the percentage of identities vulnerable to any particular attack tactic, such as initial access, privilege escalation or credential access, that can be drill down to individual identities for an integrated view of risk.
- Kerberoatable accounts – Detect and remediate misconfigured Active Directory accounts with vulnerable Kerberos tickets that can be exploited by attackers to brute force credentials.
- Active directory domains and trusts – A graphical visualization of Active Directory forests, domains and trusts shows misconfigurations that could allow an attacker to move between domains.
- ServiceNow integration – Integrate with ServiceNow to create identity-based incident tickets to facilitate identity risk resolution in the ServiceNow Incident module from within the Illusive console.
- Delineate center integration – Connect to the Delinea Centrify vault to continuously discover unmanaged accounts.
- Azure AD privilege classification – Classify Azure AD user privileges based on automatically collected evidence, such as directory or subscription level privileged roles.