Quest Software, a global systems management, data protection and security software provider, today announced a strategic partnership with SpecterOps, a provider of adversary-focused cybersecurity solutions, to help organizations defend against attacks in Active Directory (AD) and Microsoft 365 environments. Given that Microsoft reported over 25 billion attempted attacks on enterprise accounts in 2021, finding an attack path to an organization’s AD is virtually guaranteed. SpecterOps BloodHound Enterprise prioritizes and quantifies attack path choke points, enabling customers to focus their remediation efforts on eliminating the paths that provide the most exposure. This partnership highlights Quest’s continued commitment to strengthening the cyber resilience of its customers’ enterprises.
“Historically, other solutions have failed to focus on what’s most important the thousands of paths an attacker can exploit that lead from ordinary user accounts or computers all the way to a critical Tier 0 asset like a domain controller, privileged group or backup,” said Michael Tweddle, President and General Manager at Quest. “To further improve our cyber resiliency offering, Quest has partnered with SpecterOps to empower organizations to eliminate AD attack paths that lead to their highest value targets all while empowering them to track improvement to their security posture over time.”
Traditionally, eliminating attack paths has been a challenge, as security practitioners tend to think in lists (checking thousands of generic configuration issues) while adversaries think in graphs making it easier for them to find an effective attack route. In this strategic partnership, Quest’s AD management and auditing solutions work together with SpecterOps BloodHound Enterprise to solve this problem by arming defenders with a graphical mapping of all AD attack paths, enabling defenders to easily identify, prioritize and eliminate the most vital avenues that attackers can exploit.
Additionally, SpecterOps BloodHound Enterprise monitors and measures the improvement of an organization’s security posture over time via a C-level report card, which highlights risk reduction as misconfigurations are remediated and choke points are eliminated.
What’s more, in the case of a successful attack, SpecterOps BloodHound Enterprise complements Quest Change Auditor and On Demand Audit Hybrid Suite whose real-time anomaly detection capabilities can identify and thwart attacks in progress as well as Quest Recovery Manager for Active Directory Disaster Recovery Edition which recovers AD at least five times faster than the manual forest recovery process, according to ESG Research.
“Now, in partnership with Quest’s AD Management and Auditing solutions, customers are better equipped to defend against increasing AD attacks as well as minimize potential threats with both preventative and restorative measures,” said David McGuire, CEO at SpecterOps. “Our Attack Path Management methodology has proven to be wildly successful in helping organizations reduce their exposure to Attack Paths in traditional Active Directory, and we’re excited to work with Quest to make it more widely available.”
About Quest Software
Quest (quest.com) creates software solutions that make the benefits of new technology real in an increasingly complex IT landscape. Quest helps customers solve their next IT challenge, from maximizing the value of their data, to Active Directory and Office 365 management, and cybersecurity resilience. Around the globe, more than 130,000 companies and 95% of the Fortune 500 count on Quest to become data empowered, deliver proactive management and monitoring for the next enterprise initiative, find the next solution for complex Microsoft challenges, and stay ahead of the next threat. Quest Software. Where next meets now.
SpecterOps (specterops.io) is a provider of adversary-focused cybersecurity solutions and is the creator of the BloodHound free and open-source penetration testing solution, which maps relationships in an Active Directory environment. BloodHound has been recommended by the Department of Homeland Security, PricewaterhouseCoopers and many more. BloodHound Enterprise is the company’s first defense solution for enterprise SOC teams and defenders.