‘Alerts-as-a-Service’ solution dramatically reduces the time to detect and respond to attacks against enterprise identity systems.
San Diego, CA. — GoSecure, a leading provider of Managed Extended Detection and Response (MXDR) and expert advisory services, today announced the availability of Titan Identity, a solution combining technology with a managed service to provide a cost-effective, rapidly deployable solution that enables organizations to measurably improve credential theft response times.
Threat actors have many techniques to abuse identity services like Active Directory because they recognize identity controls access to everything. According to Microsoft’s 2022 Digital Defense Report, 93% of Microsoft investigations during ransomware recovery engagements revealed insufficient privilege access and lateral movement controls. Detecting these attacks in the smallest possible timeframe is a critical requirement to reduce the chances of a successful breach. Yet, breaches caused by stolen or compromised credentials had the longest lifecycle — 243 days to identify the breach, and another 84 days to contain the breach (IBM Cost of a Data Breach Report 2022).
GoSecure Titan Identity is a purpose-built detection service aimed at dramatically reducing the time to detect and respond to attacks against enterprise identity systems like Microsoft Active Directory. Through real-time analysis of Active Directory and other event log information, Titan Identity’s low false-positive alert technology enables Incident Response teams to leverage existing workflow systems to rapidly respond to common, yet lethal attacks launched after the initial foothold and protect the critical business assets.
“Any company operating Windows and using domain identity has a common, high-risk attack surface. Unfortunately, early detection often fails because of excess noise, poor visibility, or uninformative alerts,” said Jeff Schmidt, Chief Technology Officer at GoSecure. “Titan Identity is a specialized solution intended to complement, rather than compete with, a SIEM by focusing on attacks against domain identity, where specialized technology and insight can deliver superior results.”
Key benefits include:
- Reduced detection and response times through continuous, in-progress visibility into identity attacks across hosts, servers, VMs, containers, desktops and laptops across the enterprise for the Incident Response team
- Increased productivity for analysts by drastically reducing false positives, avoiding an additional UI, and delivering alerts with enriched messages
- Increased return on prior SIEM/SOAR investments by taking advantage of SIEM infrastructure, supporting new SOAR playbooks with automated actions and enabling use of out-of-SIEM logs that exceed your indexing and storage budget
- Verifiable accuracy enabled through continuous, automated testing and quantification of performance
- Lower deployment and change costs by avoiding network probes and sensors
- Enhanced internal team capabilities by providing access to a team of data scientists for growing identity attack detection capabilities
In contrast with other anomaly or signature-based detection systems, Titan Identity is comprised of 30+ discrete detectors and finely tuned machine learning models that are continuously tested to drastically reduce false positives, enabling high confidence alerts within seconds. The design enables the replacement of manual human-oriented workflows with automation that can operate with high confidence. This highly flexible and adaptable service is bundled with access to data science experts that provide ongoing data flow monitoring, detector development, and detector performance tuning services to ensure accurate, measurable results.
“By adopting Titan Identity, you gain rich coverage of attacks against enterprise identity without needing to make trade-offs between detectors on a fixed budget or increase the equipment, index, or logging budgets,” added Schmidt. “Unless an organization has a team of data scientists dedicated to analyzing security datasets, incident responders will continue to struggle to effectively identify, detect and respond to sophisticated attacks on Active Directory.”
GoSecure is a recognized cybersecurity leader, delivering innovative Managed Extended Detection and Response (MXDR) solutions and expert advisory services. GoSecure Titan® managed security solutions deliver multi-vector protection to counter modern cyber threats through a complete suite of offerings that extend the capabilities of our customers’ in-house teams. GoSecure Titan MXDR offers a best-in-class mean-time-to-respond, with comprehensive coverage across customers’ networks, endpoints, and inboxes. For over 10 years, GoSecure has been helping customers better understand their security gaps, improve organizational risk, and enhance security posture through advisory services provided by one of the most trusted and skilled teams in the industry.