Silverfort Identity Threat Detection and Response integrates with all Identity Providers (IDP) in the environment to perform continuous monitoring, risk analysis, and adaptive access policies on all access attempts, made by all users, to all on-prem and cloud resources.

In this way, access to resources is never granted based on credentials alone. Rather, AD forwards every incoming access request to Silverfort and awaits it verdict before granting or denying access. Silverfort’s risk engine analyzes the authentication and, if risk is detected, prompts the user with MFA to verify if the access attempt was initiated by the user. Based on the user’s response, Silverfort instructs AD to allow access or block it – if it’s indeed lateral movement it will be blocked altogether.

Silverfort is only ITDR solution that enforce MFA verification on the command-line interfaces (PsExec, Powershell, WMI, etc.) that ransomware actors use for lateral movement.

The silverfort way: Identity threat detection and response