sb-au logo
Story image

Palo Alto amplifies endpoint platform to tackle credential theft

08 Feb 2017

Palo Alto Networks has included new functionality into its security platform that now prevents theft and abuse of stolen credentials, the company announced today.

The company says credential abuse and theft are two main ways threat actors are able to compromise and move within an organisation to steal valuable assets. The 2016 Verizon Data Breach Incident Report showed that more than two thirds of organisational breaches were, at least in part, the result of stolen credentials.

While most organisations use simple passwords without multi-factor authentication to enable user access to systems, Palo Alto says these are usually the easiest ways to breach an organisation, compared to hacking vulnerable systems or using malware attacks.

The lack of effective approaches to credential phishing also hinder effective cyber protection, as they rely on employee education and classification as a phishing site before an employee encounters it.

Jeff Wilson, IHS Market’s senior research director of cybersecurity technology, says credential theft is still a major challenge worldwide.

"Palo Alto Networks is bringing to market a unique approach to intercepting the problem at the network level. When this feature is tightly integrated with identity access management solutions, organisations can make significant progress towards ending credential theft," he continues.

The new technology, available to customers worldwide, can:

  • Automatically identify and block phishing sites using machine learning
  • Prevent users from submitting credentials to phishing sites
  • Use a policy-based multi-factor authentication framework within the next-generation firewall

"We have too often seen headlines that highlight credential theft as one of the primary methods cyber adversaries use to gain access to networks, systems and assets,” comments Lee Klarich, Palo Alto Networks executive VP, product management.

For years, there has been an absence of an effective and scalable way for organisations to address this challenge. We are pleased to introduce these unique and industry-leading capabilities as part of our Next-Generation Security Platform and to deliver yet another innovation among many designed to help organisations prevent cyber breaches," Klarich concludes.

Story image
Fortinet SOARs to new heights of protection on the wings of AI & automation
Jon McGettigan, Fortinet A/NZ Regional Director, talks about SOAR (security orchestration, automation and response) and explains that effective SOAR starts with your security policy.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Link image
Phishing campaigns aren't stopping - but neither are their opponents
COVID-19 is presenting the perfect opportunity to cyber attackers to mount potentially devastating spear-phishing campaigns against organisations via their remote workers. Learn how to fight back.More
Story image
Zero trust is the way to secure the distributed workforce - Empired
Existing security solutions need to evolve to accommodate the new remote workforce.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More