Employees or other users within an organisation may become compromised if an adversary gains access to their credentials. Bad actors can masquerade as legitimate employees going about their normal business, making them hard to detect. Their under-the-radar activities often take weeks or months to be discovered, resulting in more severe data breaches or remediation costs.
Privilege Escalation
Download the Solution Brief
Privilege escalation is the fourth most common tactic used in reported data breaches. Many legacy security systems that rely on static correlation rules are unable to detect an attacker who escalates their privileges. A privileged user’s work patterns may not occur in regular, predictable patterns, making it difficult to detect privilege escalation. If undetected, a privilege escalation attack can enable access to high value assets with impunity. The result of a privilege escalation attack can be devastating to an organisation, as attackers gain access to networks, typically with the aim of exfiltrating data, disrupting business activity, or installing backdoors to enable continued access to internal systems.
Exabeam helps protect against attackers using privilege escalation by detecting techniques like credential enumeration, bloodhound execution, and more. Behavioral models detect anomalous activity, like first time access to hosts and assets or permission changes, and put them in the context of the historical behavior of that user, their peers, and their organisation to clearly distinguish an adversary from a normal user.
Simply enter a few details to download the full solution brief!
*Click here to view the information notice & cookie policy