pthomas

/Peter Thomas

About Peter Thomas

This author has not yet filled in any details.
So far has created 11 blog entries.

How to Assess Ransomware Risk with LT Auditor+

Ransomware attacks continue to increase every day. Cyber threats are hitting more businesses in the United States and worldwide. According to 2022 – Verizon Data Breach Investigation Report- “this year Ransomware has continued its upward trend with an almost 13% increase–a rise as big as the last five years combined (for a total of 25% […]

By |June 16th, 2022|Blog|0 Comments

Monitoring Windows/AD Authentications and Logon Activity

Microsoft Windows operating systems uses a variety of authentication technologies that allow users access to resources on the network. These authentication protocols include Kerberos, NT LAN Manager (NTLM), Negotiate, Schannel (secure channel) and Digest which are all part of the Windows security architecture.

LT Auditor+ 2013 is able to completely audit all activity associated with Kerberos […]

By |January 14th, 2016|Blog|0 Comments

Inactive Active Directory User Accounts

Active Directory (AD) users’ IDs that have not been used for extended periods of time pose a threat to any organization, as these IDs could be used to gain illegal access to the network.  Most security policies and compliance regulations also mandate that Active Directory user accounts be disabled after a certain period of inactivity. […]

By |January 14th, 2016|Blog|0 Comments

Auditing and Monitoring Active Directory Group Policies

Group Policy is a core component of Active Directory (AD) used to centrally manage an organizations’ security, application, and user settings. Group Policy settings are divided into user and computer sections, and a policy can be configured to be applied based on whether the target is a user or computer object.

An extensive range of functionality […]

By |January 14th, 2016|Blog|0 Comments

Assess and Monitor File/Folder Security Permissions

Access to files and folders is controlled by permissions or Discretionary Access Control Lists (DACLs) assigned to folders and files. In an Active Directory (AD) environment, user access to file and folder resources is governed by DACLs assigned directly or based on memberships to groups that have been granted permissions to these resources.

LT Auditor+ 2013 […]

By |January 14th, 2016|Blog|0 Comments

Detecting High Volume Copy Operations on Windows File Systems with LT Auditor+ 2013

Why Audit High-Volume Copy Operations?
One of the most common methods to extract or steal information is to copy large volumes of critical information from file shares to either flash drives or other USB devices that can be easily removed from the environment. There have been several examples of high-volume data theft. Here are some of […]

By |January 14th, 2016|Blog|0 Comments

Activity Director User Account Lockout Activity

User account lockouts in Active Directory occur for a variety of reasons, and often the challenge is to determine the Windows node and user causing the lockout so as to resolve the issue. Account lockouts can be a frustrating experience for users, a nightmare for network administrators, and a cause for concern for security administrators. […]

By |January 14th, 2016|Blog|0 Comments

Track and Audit Active Directory Access Control Permissions

Access control is used to govern user access to shared resources for security purposes. Active Directory access control is administered at the object level by setting different levels of access, or permissions, to objects. Some of the types of permissions that can be given to any object are:

Full Control – complete access
Write
Read
No Access
Create Child Objects
Delete […]

By |January 14th, 2016|Blog|0 Comments

Track and Audit Active Directory Group Membership

Active Directory (AD) has two types of groups called Security and Distribution. Distribution groups are used for distribution lists in Exchange and cannot be assigned permissions or rights. Security groups are used for assigning permissions and rights and can also be used for distribution lists.

As security groups are used to control access permissions to resources […]

By |January 14th, 2016|Blog|0 Comments

Track and Monitor Active Directory Activity

Active Directory (AD) is a directory service that controls who has access to systems, applications, and data resources across the network. It is therefore very important to get visibility into Active Directory and track activities occurring within it to reduce risks and ensure confidentiality, integrity, and availability of resources.

LT Auditor+ protects your organization from internal […]

By |January 14th, 2016|Blog|0 Comments