Enzoic announced enhancements to
Enzoic for Active Directory Lite,
its free password auditing tool for revealing compromised credentials
in Active Directory (AD) environments. The latest capabilities scan for
numerous additional credential weaknesses that hackers could exploit,
including accounts without passwords and stale accounts, helping
companies identify these vulnerabilities before they become entry
points.
Active Directory is a popular hacker target, with 50% of organizations experiencing an attack
against the service in the last 1-2 years. While there are numerous
steps companies must take to prioritize AD security, identifying and
securing password vulnerabilities is a critical component. Enzoic for
Active Directory Lite addresses this concern, giving companies insight
into vulnerable accounts in Active Directory and helping secure them
from attack.
Enzoic provides the industry's most comprehensive compromised credential protection by vetting passwords against its proprietary database
containing billions of exposed username and password pairs. The latter
is maintained through a combination of proprietary automated processes,
submitted contributions, and research from Enzoic's threat intelligence
team. In addition, the database is updated multiple times per day,
ensuring that companies' password security reflects the latest breach
intelligence. Enzoic for Active Directory Lite delivers this
unparalleled insight into vulnerable AD accounts with new features
including:
-
Password Sharing: This common security vulnerability often stems
from users failing to change their default account information, as well
as the pervasive problem of password reuse. Enzoic for Active Directory
Lite can now identify users with the same password, allowing
organizations to mitigate the risk.
-
Accounts with Passwords that Never Expire: Many companies follow NIST guidelines
and have eliminated mandatory password expiration policies. However,
with breaches occurring on a real-time basis, it's still critical to
continuously screen these credentials to ensure they have not been
compromised. The latest edition of Enzoic for Active Directory Lite
automates this process.
-
Stale Accounts: Stale accounts pose a significant security risk
as they often still have access to sensitive data or systems. The tool
helps eliminate this vulnerability by identifying how many exist within
the organization so that companies can determine which should be
disabled.
"Given the sensitive data Active Directory provides access to and the
enduring popularity of credentials as a threat vector, it's vital that
companies prioritize AD password security," said Mike Wilson, CTO and
Founder, Enzoic. "The latest release of Enzoic for Active Directory Lite
helps organizations quickly identify password vulnerabilities within
their environment and take immediate action to protect their accounts.
With new breach data continuously available to hackers on the Dark Web,
integrating the free tool should be a best practice for any
security-minded organization."