QOMPLX Expands “Privilege Assurance: Graph View” Visualizing Your Vulnerabilities and Enabling Rapid Response

Rhea-AI Summary

QOMPLX has announced a significant enhancement to its Q:CYBER Privilege Assurance product with the introduction of Graph View. This feature allows organizations to visualize potential attack pathways in their cybersecurity infrastructure against Active Directory vulnerabilities. By enabling quicker identification of misconfigurations and high-value asset risks, Graph View reduces the time needed to recognize threats from days to minutes. The new capability is designed to strengthen defenses against ransomware and other cyber intrusions, aligning with QOMPLX's ongoing commitment to enhancing their cybersecurity offerings since 2015.

Positive

• Introduction of Graph View enhances Q:CYBER Privilege Assurance, allowing faster identification of cybersecurity vulnerabilities.
• Reduces threat visibility time from days to minutes, potentially averting severe breaches.
• Equips organizations with powerful analytics for mapping attack paths and understanding risks.

Negative

• Potential increased scrutiny on Active Directory security following high-profile attacks may add pressure on compliance and security measures.

See your Active Directory the way a hacker does — before you become a target

TYSONS CORNER, Va., June 15, 2021 (GLOBE NEWSWIRE) -- Today, QOMPLX announces a robust feature expansion for its Q:CYBER Privilege Assurance product: “Graph View”. It empowers customers to more quickly see and predict specific weaknesses in their cybersecurity posture, showing defenders the attack paths and misconfigurations that ransomware gangs, hostile nations, or other malign actors might take during an intrusion. 

Using Graph View, organizations can easily:

• See the Attacker’s View: See the paths to your “High Value Target” assets
• Predict The Damage: Know the “blast radius” of a potentially compromised asset
• One Hop Away: All nodes that are one “hop” away from a given start or target asset
• Avoid Common Mistakes: Highlighting common misconfigurations or privilege delegations that cause harm

Cyber attackers frequently exploit group memberships, inherited privileges and other hidden pathways to take complete control of customers’ Windows networks. Unraveling those hidden pathways is time-consuming and expensive. 

Privilege Assurance with Graph View helps customers cut the time to see attack paths from days to minutes, making disastrous lateral movement attacks like the SolarWinds breach far less likely.

Windows Active Directory is the world’s most widely deployed critical infrastructure - it deserves and demands continuous monitoring and control oversight. Privilege Assurance with Graph View is QOMPLX’s next-generation technology for identifying, analyzing and scoring the security of identity and access management platforms like Active Directory. Graph View enables customers to harden their networks, and provides the foundation for enhanced risk analytics used by QOMPLX’s Risk Cloud, and by the QOMPLX Q:CYBER and Q:INSURANCE tool suites.

While multiple crippling and costly cyber events stemming from Active Directory attacks have made frontpage headlines recently, such as the attacks on Colonial Pipeline and JBS Foods, QOMPLX has been researching and architecting concrete solutions to defend Active Directory since 2015, and has been issued dozens of related patents dating back to 2017.  For many of the world’s leading banks, insurers, and other customers critical to our modern digital economy, Q:CYBER Privilege Assurance is already deployed helping to protect their networks. Now, extending Graph View further accelerates the advanced capabilities of the integrated product suite QOMPLX offers to help organizations better see and manage a holistic picture of risk.

“Nearly all organizations have substantial investments in Windows infrastructure. Aging, opaque and lightly defended, this critical infrastructure is being ransacked by criminal ransomware gangs and state-sponsored privateers with alarming regularity,” said Andy Jaquith, QOMPLX’s CISO and General Manager of Cyber. “With Graph View, customers see Active Directory the way attackers do—as a graph. Using powerful analytics, customers can identify and shut down pathways attackers use to gain elevated privileges, reducing the risk of ransomware or other catastrophic breaches.”

Graph View builds attack plans, shows relationships between Active Directory nodes, and identifies paths to high-value targets (HVTs). An ever-expanding set of built-in, standard graph queries include systematically mapping Windows domain trusts, building attack paths to specific targets, exploring “nodes of interest,” finding all domain administrators, and simulating the “blast radius” of compromised nodes. These features, built to give customers’ defensive teams an edge against attackers, save security teams days of costly and error-prone research time, and take decisive action to reduce their critical risks.

Graph View employs Q:CYBER’s Privilege Assurance (PA) product to scan and map users, groups, computers, entitlements, trusts and other directory services objects from across client environments. Graph View uses intuitive notions of nodes, edges, weights, queries—but as a scalable, fast, enterprise-grade, software-as-a-service offering designed for even the largest of network environments. Graph View uses cutting-edge graph databases and in-memory caching to deliver lightning-fast analytics and insights at scale.

Q:CYBER is the only unified Identity and Privilege Access Management solution capable of both automatically detecting some of the world’s most catastrophic data breach techniques in real-time, like Golden Ticket and Silver Ticket attacks, and visualizing the likely attack paths hackers took to execute the breach. Combined with QOMPLX’s Identity Assurance detections - which validate Kerberos and SAML authentication transactions - Privilege Assurance and Graph View dramatically improve prevention and response efforts in modern enterprises and government agencies seeking to gain control over their hybrid authentication infrastructure and move towards Zero Trust network architectures.

About QOMPLX
QOMPLX helps organizations make intelligent business decisions and better manage risk through our advanced, proprietary risk cloud. We are the leaders at rapidly ingesting, transforming, and contextualizing large, complex, and disparate data sources through our cloud-native data factory in order to help organizations better quantify, model, and predict risk.  Our specialized experts and technology solutions in cybersecurity, insurance, and finance power leading global corporations and mission critical public sector agencies. 

For more information, visit qomplx.com and follow us @QOMPLX on Twitter.

CONTACT:
James Faeh, Director of Corporate Communications 
james.faeh@qomplx.com

FAQ

What is the new feature announced by QOMPLX for their Q:CYBER product?

QOMPLX introduced a new feature called Graph View for their Q:CYBER Privilege Assurance product to enhance cybersecurity posture.

How does Graph View impact cybersecurity risks for organizations?

Graph View allows organizations to identify attack paths and misconfigurations quickly, reducing the time to see threats from days to minutes.

When was the Graph View feature for Q:CYBER announced?

Graph View was announced on June 15, 2021.

What advantage does Graph View provide regarding Active Directory vulnerabilities?

Graph View helps organizations visualize and predict attack paths to high-value assets, improving their defenses against cyber threats.

Is Graph View integrated with other QOMPLX products?

Yes, Graph View is part of the integrated product suite of QOMPLX, enhancing risk analytics alongside Q:CYBER and Q:INSURANCE tools.