pthomas

/Peter Thomas

About Peter Thomas

This author has not yet filled in any details.
So far has created 13 blog entries.

How to Audit Ransomware Risk

The protection of data and information assets is a key, ongoing focus for organizations around the world. Using encryption technology, limitations to access, and various high-level efforts, as quickly as organizations put a security practice in place, bad actors are evolving in their pressure tactics to infiltrate the system. Ransomware is an evolving tool of […]

By |August 22nd, 2022|Blog|Comments Off on How to Audit Ransomware Risk

How to Investigate Ransomware Risk

Knowing how to investigate ransomware risk is absolutely critical to maintaining a safe online presence in today’s fast-paced world. With unprecedented numbers of people conducting business online, there is a parallel and unfortunate trend showing a substantial increase in malicious activity. From cyberattacks to malware, organizations must be able to assess any security vulnerability before […]

By |July 25th, 2022|Blog|Comments Off on How to Investigate Ransomware Risk

How to Assess Ransomware Risk with LT Auditor+

Ransomware attacks continue to increase every day. Cyber threats are hitting more businesses in the United States and worldwide. According to 2022 – Verizon Data Breach Investigation Report- “this year Ransomware has continued its upward trend with an almost 13% increase–a rise as big as the last five years combined (for a total of 25% […]

By |June 16th, 2022|Blog|0 Comments

Monitoring Windows/AD Authentications and Logon Activity

Microsoft Windows operating systems uses a variety of authentication technologies that allow users access to resources on the network. These authentication protocols include Kerberos, NT LAN Manager (NTLM), Negotiate, Schannel (secure channel) and Digest which are all part of the Windows security architecture.

LT Auditor+ 2013 is able to completely audit all activity associated with Kerberos […]

By |January 14th, 2016|Blog|0 Comments

Inactive Active Directory User Accounts

Active Directory (AD) users’ IDs that have not been used for extended periods of time pose a threat to any organization, as these IDs could be used to gain illegal access to the network.  Most security policies and compliance regulations also mandate that Active Directory user accounts be disabled after a certain period of inactivity. […]

By |January 14th, 2016|Blog|0 Comments

Auditing and Monitoring Active Directory Group Policies

Group Policy is a core component of Active Directory (AD) used to centrally manage an organizations’ security, application, and user settings. Group Policy settings are divided into user and computer sections, and a policy can be configured to be applied based on whether the target is a user or computer object.

An extensive range of functionality […]

By |January 14th, 2016|Blog|0 Comments

Assess and Monitor File/Folder Security Permissions

Access to files and folders is controlled by permissions or Discretionary Access Control Lists (DACLs) assigned to folders and files. In an Active Directory (AD) environment, user access to file and folder resources is governed by DACLs assigned directly or based on memberships to groups that have been granted permissions to these resources.

LT Auditor+ 2013 […]

By |January 14th, 2016|Blog|0 Comments

Detecting High Volume Copy Operations on Windows File Systems with LT Auditor+ 2013

Why Audit High-Volume Copy Operations?
One of the most common methods to extract or steal information is to copy large volumes of critical information from file shares to either flash drives or other USB devices that can be easily removed from the environment. There have been several examples of high-volume data theft. Here are some of […]

By |January 14th, 2016|Blog|0 Comments

Activity Director User Account Lockout Activity

User account lockouts in Active Directory occur for a variety of reasons, and often the challenge is to determine the Windows node and user causing the lockout so as to resolve the issue. Account lockouts can be a frustrating experience for users, a nightmare for network administrators, and a cause for concern for security administrators. […]

By |January 14th, 2016|Blog|0 Comments

Track and Audit Active Directory Access Control Permissions

Access control is used to govern user access to shared resources for security purposes. Active Directory access control is administered at the object level by setting different levels of access, or permissions, to objects. Some of the types of permissions that can be given to any object are:

Full Control – complete access
Write
Read
No Access
Create Child Objects
Delete […]

By |January 14th, 2016|Blog|0 Comments