QOMPLX Expands “Privilege Assurance: Graph View” Visualizing Your Vulnerabilities and Enabling Rapid Response
See your Active Directory the way a hacker does — before you become a target
TYSONS CORNER, Va., June 15, 2021 (GLOBE NEWSWIRE) — Today, QOMPLX announces a robust feature expansion for its Q:CYBER Privilege Assurance product: “Graph View”. It empowers customers to more quickly see and predict specific weaknesses in their cybersecurity posture, showing defenders the attack paths and misconfigurations that ransomware gangs, hostile nations, or other malign actors might take during an intrusion.
Using Graph View, organizations can easily:
- See the Attacker’s View: See the paths to your “High Value Target” assets
- Predict The Damage: Know the “blast radius” of a potentially compromised asset
- One Hop Away: All nodes that are one “hop” away from a given start or target asset
- Avoid Common Mistakes: Highlighting common misconfigurations or privilege delegations that cause harm
Cyber attackers frequently exploit group memberships, inherited privileges and other hidden pathways to take complete control of customers’ Windows networks. Unraveling those hidden pathways is time-consuming and expensive.
Privilege Assurance with Graph View helps customers cut the time to see attack paths from days to minutes, making disastrous lateral movement attacks like the SolarWinds breach far less likely.
Windows Active Directory is the world’s most widely deployed critical infrastructure – it deserves and demands continuous monitoring and control oversight. Privilege Assurance with Graph View is QOMPLX’s next-generation technology for identifying, analyzing and scoring the security of identity and access management platforms like Active Directory. Graph View enables customers to harden their networks, and provides the foundation for enhanced risk analytics used by QOMPLX’s Risk Cloud, and by the QOMPLX Q:CYBER and Q:INSURANCE tool suites.
While multiple crippling and costly cyber events stemming from Active Directory attacks have made frontpage headlines recently, such as the attacks on Colonial Pipeline and JBS Foods, QOMPLX has been researching and architecting concrete solutions to defend Active Directory since 2015, and has been issued dozens of related patents dating back to 2017. For many of the world’s leading banks, insurers, and other customers critical to our modern digital economy, Q:CYBER Privilege Assurance is already deployed helping to protect their networks. Now, extending Graph View further accelerates the advanced capabilities of the integrated product suite QOMPLX offers to help organizations better see and manage a holistic picture of risk.
“Nearly all organizations have substantial investments in Windows infrastructure. Aging, opaque and lightly defended, this critical infrastructure is being ransacked by criminal ransomware gangs and state-sponsored privateers with alarming regularity,” said Andy Jaquith, QOMPLX’s CISO and General Manager of Cyber. “With Graph View, customers see Active Directory the way attackers do—as a graph. Using powerful analytics, customers can identify and shut down pathways attackers use to gain elevated privileges, reducing the risk of ransomware or other catastrophic breaches.”
Graph View builds attack plans, shows relationships between Active Directory nodes, and identifies paths to high-value targets (HVTs). An ever-expanding set of built-in, standard graph queries include systematically mapping Windows domain trusts, building attack paths to specific targets, exploring “nodes of interest,” finding all domain administrators, and simulating the “blast radius” of compromised nodes. These features, built to give customers’ defensive teams an edge against attackers, save security teams days of costly and error-prone research time, and take decisive action to reduce their critical risks.
Graph View employs Q:CYBER’s Privilege Assurance (PA) product to scan and map users, groups, computers, entitlements, trusts and other directory services objects from across client environments. Graph View uses intuitive notions of nodes, edges, weights, queries—but as a scalable, fast, enterprise-grade, software-as-a-service offering designed for even the largest of network environments. Graph View uses cutting-edge graph databases and in-memory caching to deliver lightning-fast analytics and insights at scale.
Q:CYBER is the only unified Identity and Privilege Access Management solution capable of both automatically detecting some of the world’s most catastrophic data breach techniques in real-time, like Golden Ticket and Silver Ticket attacks, and visualizing the likely attack paths hackers took to execute the breach. Combined with QOMPLX’s Identity Assurance detections – which validate Kerberos and SAML authentication transactions – Privilege Assurance and Graph View dramatically improve prevention and response efforts in modern enterprises and government agencies seeking to gain control over their hybrid authentication infrastructure and move towards Zero Trust network architectures.
About QOMPLX
QOMPLX helps organizations make intelligent business decisions and better manage risk through our advanced, proprietary risk cloud. We are the leaders at rapidly ingesting, transforming, and contextualizing large, complex, and disparate data sources through our cloud-native data factory in order to help organizations better quantify, model, and predict risk. Our specialized experts and technology solutions in cybersecurity, insurance, and finance power leading global corporations and mission critical public sector agencies.
For more information, visit qomplx.com and follow us @QOMPLX on Twitter.
CONTACT:
James Faeh, Director of Corporate Communications
[email protected]