Singularity™ Identity vs Discovery and Enumeration Using LOLBins
The attack on Cisco shows that identity-based attacks are a leading threat vector used in data breaches. From the perspective of a threat actor, targeting identity and access management gaps through compromised credentials is the quickest path to reaching a target’s resources and critical data. Attackers are very aware that Active Directory is the crown jewel of a business, granting them the ability to exfiltrate sensitive information, install backdoors, alter security policies, and more.
Singularity™ Identity detects user account enumerations against Active Directory. In addition, it includes any targeted Active Directory objects a threat actor may query to understand the privileges and groups.