SaaS platform complements other identity and access management, privilege access management, and custom identity solutions as cybercriminals prioritize stolen access credentials. Credit: Foundry Cybersecurity vendor Inside-Out Defense has emerged from stealth with the launch of a new privilege access abuse detection and remediation platform. The SaaS, agentless platform supports all environments and applications, complementing existing identity and access management (IAM), privilege access management (PAM), and custom identity solutions, the firm said.Stolen access credentials are highly attractive to cybercriminals looking for routes into company networks and systems. What’s more, access brokers – criminal groups that sell stolen access credentials – have become a key component of the eCrime threat landscape, with elevated privileges typically having the highest asking prices.Privilege access abuse significant contributor to data breachesPrivilege abuse through compromised identities are significant contributors to data breaches. Without the ability to see how access is used throughout an enterprise, CISOs and cybersecurity teams can be blindsided. Tools such as PAM solutions can aid management of privileged credentials to stop or slow an attacker’s movement through a network. However, Inside-Out Defense claimed that today’s cybersecurity market is flushed with point solutions that only look for a few known privilege abuse signatures and are reactive in nature, detecting abuses after the event. The Inside-Out Defense platform enables the determination of gaps between known and unknown abuse behaviors to detect privilege abuse as it happens, the vendor said in a press release. Inside-Out Defense said the platform’s key features include:Privilege abuse remediation: The platform detects access abuse behaviors in real time and provides in-line remediation of malicious privilege access through a kill switch.Access intent: Customers get a 360-degree profile of malicious access requests, their context, and intent, offering a real-time view of the organization’s access posture.Coverage across the entire organization: Coverage across the organization’s environments includes infrastructure (cloud and on-premises), applications (SaaS, managed, unmanaged), APIs, and human/ non-human users.“Many enterprise organizations struggle to maintain a comprehensive view of privilege access that has been awarded to their employees,” said Mark Settle, author of Truth from the Valley, A Practical Primer on IT Management for the Next Decade and former Okta CIO. This confusion results from the wide array of IT resources supporting daily business operations and the complex ways access can be granted, delegated, transferred, or assumed, he added. Cybercriminals prioritize stolen credentials, access broker demand increasesCybercriminals are doubling down on stolen credentials, demonstrating a clear demand for access broker services. There was a 112% year-over-year increase in advertisements for access broker services identified last year compared to 2021, with more than 2,500 advertisements for access detected across the criminal underground, according to the CrowdStrike 2023 Global Threat Report. There was also a notable shift away from malware use related to adversaries’ prolific abuse of valid credentials to facilitate access and persistence in victim environments, the research found.Several brokers advertised access in bulk during 2022, while others continued to use the “one-access one-auction” technique, according to CrowdStrike. The most advertised sectors by access brokers in 2022 were the academic, technology, and industrial sectors, with government, healthcare, and retail the least advertised. Related content feature Low-tech tactics still top the IT security risk chart USB-based attacks, QR codes for phishing and social engineering continue to be some of the most effective, now more dangerous with the help of AI. By Rosalyn Page May 14, 2024 9 mins Cyberattacks Social Engineering Data and Information Security how-to Download the SASE and SSE enterprise buyer’s guide From the editors of our sister publication Network World, this enterprise buyer’s guide helps network and security IT staff understand what SASE (Secure Access Service Edge) and SSE (Secure Service Edge) can do for their organizations and how t By Neal Weinberg May 13, 2024 1 min Remote Access Security Network Security Enterprise Buyer’s Guides news IntelBroker steals classified data from the Europol website The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data. By Shweta Sharma May 13, 2024 3 mins Data Breach Hacker Groups feature Ridding your network of NTLM The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. By David Strom May 13, 2024 8 mins Authentication Windows Security Network Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe