Specops Software
Coverage of Specops Software in the Nexus archive.
- The 5 Best Practices for Secure Identity Verification
The article discusses how attackers bypass weak authentication using phishing, MFA fatigue, and service desk social engineering. Specops Software outlines five best practices to enhance identity verification and access security.
- Can you enforce strong Active Directory password rules without frustrating users?
Specops Software highlights methods to enforce strong Active Directory passwords through passphrases, breached password protection, and self-service resets, ensuring security without compromising user experience.
- Identity Alone Isn't Enough: Why Device Security Has to Share the Load
Identity checks are insufficient to prevent attackers from using stolen session tokens and compromised devices. Zero Trust strategies now rely on continuous device verification. This approach is necessary to enhance security.
- Why Changing Passwords Doesn’t End an Active Directory Breach
Resetting a password doesn't always remove attackers from Active Directory, as cached credentials and Kerberos tickets can keep them authenticated after a reset. This is explained by Specops Software. Attackers can remain in the system even after a password change.
- Regular Password Resets Aren’t as Safe as You Think
Regular password resets can be exploited by attackers through helpdesk social engineering, leading to full account compromise. Specops Software demonstrated how these resets bypass security controls, highlighting vulnerabilities in common authentication practices.