MFA is the cornerstone of preventing lateral movement
MFA crowdsources the immediate protection to the entire workforce rather than burdening the security team with additional alerts.
TRUE POSITIVE:
Effortless attack mitigation with laser-focused Indicators of Compromise (IoCs)
In the case of a true positive, the threat has been immediately addressed by the compromised user with zero burden on the security team. Moreover, the MFA denial ensures that the attack is currently contained within the source machine, enabling the security team to remediate all involved users and machines rapidly and efficiently.
FALSE POSITIVE:
No effort is required from the security team with near-zero workforce impact
Typically, security teams would refrain from disabling users as part of an automated response workflow, fearing the consequences of false positives. However, this concern practically doesn’t exist with MFA, since the worst-case false positive scenario would entail a 1-2 second delay to the user– a negligible price in comparison with alert's manual investigation or mistaken user disablement.
Silverfort is the first solution that can extend MFA verification to all access interfaces and authentication protocols in the AD environment, including command line access tools like PsExec and PowerShell which are lateral movements’ tool of choice.
Preventing Lateral Movement in Active Directory
Preventing Lateral Movement in Active Directory
TRUE POSITIVE:
Effortless attack mitigation with laser-focused Indicators of Compromise (IoCs)
In the case of a true positive, the threat has been immediately addressed by the compromised user with zero burden on the security team. Moreover, the MFA denial ensures that the attack is currently contained within the source machine, enabling the security team to remediate all involved users and machines rapidly and efficiently.
MFA crowdsources the immediate protection to the entire workforce rather than burdening the security team with additional alerts.
MFA is the cornerstone of preventing lateral movement
Silverfort is the first solution that can extend MFA verification to all access interfaces and authentication protocols in the AD environment, including command line access tools like PsExec and PowerShell which are lateral movements’ tool of choice.
FALSE POSITIVE:
No effort is required from the security team with near-zero workforce impact
Typically, security teams would refrain from disabling users as part of an automated response workflow, fearing the consequences of false positives. However, this concern practically doesn’t exist with MFA, since the worst-case false positive scenario would entail a 1-2 second delay to the user– a negligible price in comparison with alert's manual investigation or mistaken user disablement.