Silverfort

We live in a changing identity world with increasingly complex compute environments 🌎 In this webinar with Advisor Rob Larsen and Simon Moffatt, Founder of The Cyber Hut, our speakers explore foundational identity security principles that help you modernize your strategies to meet today's threat landscape—without needing to rip out and replace the infrastructure you already have. Sign up to learn: ↔️ How attackers exploit native Active Directory protocols (like NTLM and Kerberos) for lateral movement 📲 Why traditional MFA tools fail to protect many critical AD authentication paths 👑 How to discover and security unmanaged privileged users and accounts 💯 Real-world uses cases and steps for reducing identity-based risks in your environment Register here: https://lnkd.in/gFHQrbdh #ActiveDirectory #MFA #Kerberos #IdentityThreats

We're excited for Chief Identity Security Advisor (APJ) Abbas Kudrati to deliver a keynote at Data Security Council of India's AISS 2025! 🎤 Join Abbas on December 5th as he explains how identity has become the new control plane for cybersecurity and compliance under India's DPDP Act, and strategies to achieve data security through unified, intelligent identity security. You can also stop by our booth at the event to talk with Abbas directly about what's next for Zero Trust and identity-driven threat defense 🛡️ Questions before the event? Connect with Abbas on LinkedIn: https://lnkd.in/gTDNBPRq #AISS2025 #ZeroTrust #DPDPAct #DataSecurity

"You Win Some, You CheckSum: A Kerberos Delegation Vulnerability." 🎤 Security Researcher Eliran Partush will be speaking at Black Hat in London to explain the details of the recent vulnerability CVE-2025-60704 and what it means for your identity security strategy. 𝗪𝗵𝗮𝘁 𝘄𝗶𝗹𝗹 𝗵𝗲 𝗰𝗼𝘃𝗲𝗿 𝘀𝗽𝗲𝗰𝗶𝗳𝗶𝗰𝗮𝗹𝗹𝘆? In Active Directory networks, user identity impersonation is commonly used when applications need to access network resources on behalf of the user. One of the safest ways to implement this is through Kerberos Constrained Delegation (KCD), which enforces trust boundaries between the application and the target services. In this talk, Eliran will dive into the internals of the authentication process behind these mechanisms and present CVE-2025-60704: a logical vulnerability discovered in Microsoft's Kerberos implementation. Using Machine-in-the-Middle technique, this flaw allowed his team to impersonate arbitrary users and ultimately gain control over the entire domain. To understand how the vulnerability works, he'll go through protocol behavior, trust assumptions, and some light reverse engineering of Windows internals that helped trace the flaw down to its root. Finally, you'll learn mitigation strategies and how to better protect environments relying on Kerberos delegation. 𝗪𝗵𝗲𝗻 & 𝘄𝗵𝗲𝗿𝗲 ⌚ December 10, 2:30-3 PM 📍 ICC Maritime Suite, Victoria 6, Level 3 Add to your agenda: https://lnkd.in/g-rYhrAh Connect with Eliran before the event: https://lnkd.in/gX9D63U8 #ActiveDirectory #MicrosoftSecurity #Kerberos #Authentication

We're excited to join you at the 2025 Gartner® Identity & Access Management Summit form December 8-10! With so many opportunities to find value while at the conference, we've shortlisted a few suggestions on what you can do to make the most of your time: 🎤 Director of Solution Architecture, Technology Alliances Frank Gasparovic suggests honing in on how integrations can simplify and amplify your identity and security tech stack 🎤 Director of Channel, Americas Amy Kowalchyk recommends identifying ways that partners can help you get the most out of your identity solutions 🎤 Advisor Rob Larsen advocates for getting clear on how to reach your goals in the simplest manner possible, and also talking with other conference attendees about how they plan to overcome challenges you may be dealing with, too At Booth #435, we'll be covering all these topics and much more, like how to: 👉 Extend MFA to every resource, including legacy applications, homegrown systems, command-line tools, and OT infrastructure without modifications 👉 Seamlessly visualize all identities and their permissions across your hybrid environment 👉 Secure your privileged users and accounts at scale, rather than just managing them With a 4.7 star rating on Gartner Peer Insights and over 1,000 global customers, Silverfort solves today's identity security challenges using a single platform. See how by visiting us at Booth #435 🤝 See you soon! ✈️ #GartnerIAM #MFA #TechIntegrations #ZeroTrust

New analysis from Lawrence Pingree and Francis Odum of Software Analyst Cyber Research explains why strong identity security practices are key to defend against modern cyberthreats and criminal groups like Scattered Spider 🕷️ Breaking down Scattered Spider's methods helps us understand how real-world attacks unfold in the present-day, including: 🕸️ How attackers gain initial access 🕸️ How they exploit weaknesses across identity, SaaS, cloud and on-prem environments (the hybrid reality) 𝗖𝘂𝗿𝗿𝗲𝗻𝘁 𝗱𝗲𝗳𝗲𝗻𝘀𝗲𝘀 𝗮𝗴𝗮𝗶𝗻𝘀𝘁 𝗶𝗱𝗲𝗻𝘁𝗶𝘁𝘆-𝗯𝗮𝘀𝗲𝗱 𝘁𝗵𝗿𝗲𝗮𝘁𝘀 𝗼𝗳𝘁𝗲𝗻 𝗳𝗮𝗶𝗹 𝗯𝗲𝗰𝗮𝘂𝘀𝗲 𝗼𝗳 𝘁𝗵𝗲 𝗹𝗮𝗰𝗸 𝗼𝗳 𝗶𝗱𝗲𝗻𝘁𝗶𝘁𝘆-𝗳𝗶𝗿𝘀𝘁 𝘃𝗶𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆, 𝗽𝗼𝘀𝘁𝘂𝗿𝗲 𝗵𝗮𝗿𝗱𝗲𝗻𝗶𝗻𝗴, 𝗮𝗻𝗱 𝗯𝗲𝗵𝗮𝘃𝗶𝗼𝗿𝗮𝗹 𝗱𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻. Read the report found in Lawrence's post below to understand the specifics of modern cyberthreats, and how to defeat threat actors using an identity-first approach. Thank you SACR team for featuring us alongside Permiso Security and CrowdStrike, and for explaining core capabilities Silverfort provides such as Identity Graph & Inventory to help teams centralize every identity in one place. Get the report 👇 #ScatteredSpider #ITDR #MFA #IdentitySecurity

המנכ”ל ואחד הפאונדרים שלנו, הד קובץ (Hed Kovetz), התארח בפודקאסט “לדעת להחליט” לשיחה פתוחה על האיזון שבין מהירות לחדשנות, על בניית תרבות צוותית בריאה גם תחת לחץ, ועל היכולת ללמוד מטעויות בלי להתפשר על סטנדרטים גבוהים. בסילברפורט, אנחנו מאמינים בלקיחת סיכונים מחושבת, בשקיפות אמיתית לגבי כישלונות, וביצירת מרחב שבו אנשים מרגישים בטוחים לפרוץ גבולות ולהתנסות ללא חשש. בעולם טכנולוגי שמתקדם בקצב מסחרר, אנחנו ממשיכים להוביל בעזרת עידוד חדשנות, יצירתיות ושיתוף פעולה. ממליצים להאזין לפרק המלא ולשמוע עוד מהד על איך בונים תרבות ארגונית מנצחת. https://lnkd.in/ehs9wm3j

We’re excited to share that Silverfort is named as an Example Vendor in the 2025 Gartner® "A Well-Run Active Directory Requires Strong Identity Controls." We're recognized in three key areas of the report: 👉 Implement MFA resources integrated with AD 👉 Implement Identity Posture Management and Identity Threat Detection and Response (ITDR) 👉 MFA integration options for AD-bound legacy applications (authentication forwarding solutions) AD has long been the backbone of enterprise identity—and a prime target for attackers. While it remains a critical part of your infrastructure, it's often left exposed to credential compromise, lateral movement, and privilege escalation. Learn how Silverfort puts Gartner's framework into action and strategies for modernizing Active Directory protection: https://lnkd.in/gvTDNruw #ActiveDirectory #IdentitySecurity #CredentialAbuse #ITDR

Just because everyone's talking about cloud and AI, legacy Active Directory isn't going anywhere. So, instead of treating it like the elephant in the room, the 800-pound gorilla, or some (other) enormous animal, let's focus on building an identity security strategy that stands the test of time all the way from Active Directory to Agentic AI 💯 In his latest blog, Advisor Eric Haller sums it up by asking one question: "𝗛𝗲𝘆 𝗖𝗜𝗦𝗢, 𝗮𝗿𝗲 𝘆𝗼𝘂 𝗰𝗼𝗺𝗳𝗼𝗿𝘁𝗮𝗯𝗹𝗲 𝘄𝗶𝘁𝗵 𝘆𝗼𝘂𝗿 𝗖𝗜𝗢'𝘀 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝘀𝘁𝗿𝗮𝘁𝗲𝗴𝘆 𝗶𝗻 𝘁𝗵𝗲 𝗔𝗜 𝗲𝗿𝗮?" Identity utilization has changed because of digital transformation; for example, AI means that "identity" can become impersonated. The changing landscape necessitates a change in communication and strategy, too. The IAM team responsible for 𝘱𝘳𝘰𝘷𝘪𝘴𝘪𝘰𝘯𝘪𝘯𝘨 infrastructure needs to be in lock step with the security team 𝘴𝘦𝘤𝘶𝘳𝘪𝘯𝘨 that infrastructure, and vice versa. How do we get them all on the same page? Find out in Eric's blog: 🌟 Shared north star goals between the CISO/CIO and their respective teams 🌟 How to operationalize each goal into actionable steps 🌟 Discussions IAM and security teams can have to close communication gaps Read it here: https://lnkd.in/esA233xE #IAM #CISO #CIO #CybersecurityStrategy

☎️ Your 2025 Gartner® Identity & Access Management Summit schedule called... it's time to lock down your plan for leveling up your identity security while in Texas 💪 As your company's identity infrastructure expands and grows more complex, identity security becomes a key piece of the puzzle in your threat prevention strategy. The truth is... IAM isn't the same as identity security, and the distinction is important to recognize as you navigate the conference in December. But rest assured—whether you're working on how to secure non-human identities or privileged accounts, or planning ahead for gaining visibility into AI agent activity in your organization—our identity security experts would love to chat. Here's how: 𝗩𝗶𝘀𝗶𝘁 𝗕𝗼𝗼𝘁𝗵 #𝟰𝟯𝟱 𝘁𝗼: 💻 Get a deep dive into our new Access Intelligence, Identity Graph & Inventory, and Agentic AI security capabilities ✔️ Learn how identity security solutions like ITDR, ISPM, and MFA converge into a single, unified platform that helps you prevent lateral movement, maintain compliance, and more in hybrid environments 👕 Get your identi-tee* when you take a tour of the platform Plus, attend sessions on Monday and Tuesday for real-world examples of how enterprises secure every identity, and strategies for securing privileged users and accounts: 🎙️ "How Ciena secured machine identities—and applies that playbook to AI" with Steven Rennick and Hed Kovetz on December 8th at 11:45 AM 🎙️ "Close the privileged access gap across humans, machines, and agents" with Drew Schuil on December 9th at 5:35 PM We'll see you soon at Booth #435! 🤠 #IdentitySecurity #GartnerIAM *𝘎𝘢𝘳𝘵𝘯𝘦𝘳 𝘪𝘴 𝘩𝘰𝘴𝘵𝘪𝘯𝘨 𝘵𝘩𝘦 𝘎𝘢𝘳𝘵𝘯𝘦𝘳 𝘊𝘰𝘯𝘧𝘦𝘳𝘦𝘯𝘤𝘦, 𝘎𝘢𝘳𝘵𝘯𝘦𝘳 𝘪𝘴 𝘯𝘰𝘵 𝘪𝘯 𝘢𝘯𝘺 𝘸𝘢𝘺 𝘢𝘧𝘧𝘪𝘭𝘪𝘢𝘵𝘦𝘥 𝘸𝘪𝘵𝘩 𝘌𝘹𝘩𝘪𝘣𝘪𝘵𝘪𝘯𝘨 𝘊𝘰𝘮𝘱𝘢𝘯𝘺 𝘰𝘳 𝘵𝘩𝘪𝘴 𝘱𝘳𝘰𝘮𝘰𝘵𝘪𝘰𝘯, 𝘵𝘩𝘦 𝘴𝘦𝘭𝘦𝘤𝘵𝘪𝘰𝘯 𝘰𝘧 𝘸𝘪𝘯𝘯𝘦𝘳𝘴 𝘰𝘳 𝘵𝘩𝘦 𝘥𝘪𝘴𝘵𝘳𝘪𝘣𝘶𝘵𝘪𝘰𝘯 𝘰𝘧 𝘱𝘳𝘪𝘻𝘦𝘴. 𝘎𝘢𝘳𝘵𝘯𝘦𝘳 𝘥𝘪𝘴𝘤𝘭𝘢𝘪𝘮𝘴 𝘢𝘭𝘭 𝘳𝘦𝘴𝘱𝘰𝘯𝘴𝘪𝘣𝘪𝘭𝘪𝘵𝘺 𝘧𝘰𝘳 𝘢𝘯𝘺 𝘤𝘭𝘢𝘪𝘮𝘴 𝘵𝘩𝘢𝘵 𝘮𝘢𝘺 𝘢𝘳𝘪𝘴𝘦 𝘩𝘦𝘳𝘦𝘶𝘯𝘥𝘦𝘳.

🚅 As a designated critical infrastructure provider, even a brief operational disruption for Lineas could create collapse across national logistics in Belgium and the wider European supply chain. While they had a mature security stack in place, including SIEM and SOC solutions, Lineas lacked real-time visibility into Active Directory (AD) authentications and couldn't enforce controls beyond the perimeter. That's when two priorities became clear: 1️⃣ Enforcing a second layer of risk-based MFA protection for privileged access, including RDP 2️⃣ Restricting non-human identity access to only the needed systems To satisfy their requirements, the team wanted to secure privileged access and gain visibility and control of service accounts—all while ensuring they didn't introduce unnecessary complexity. 🤝 After a POC with support from Jarviss, Lineas moved quickly to deploy Silverfort across its hybrid environment. Learn how their success with Silverfort's Identity Security Platform paved the way for long-term identity security hygiene: https://lnkd.in/ghabv6XU #NonHumanIdentitySecurity #ActiveDirectory #PrivilegedAccessSecurity #IAM