• Cyber
  • Jan 8, 2021
  • By QOMPLX

IT World Canada: Jason Crabtree featured in “More 2021 Cybersecurity Predictions: ‘Every Service without MFA will Suffer a Breach’”

IT World Canada: Jason Crabtree featured in “More 2021 Cybersecurity Predictions: ‘Every Service without MFA will Suffer a Breach’”

Jason Crabtree, QOMPLX CEO and co-founder, was featured in IT World Canada’s article, “More 2021 cybersecurity predictions: ‘Every service without MFA will suffer a breach.’

Dozens of industry leaders provided predictions on the cybersecurity world in 2021. The challenges raised by COVID-19, the evolution of ransomware, and quantum computing were all areas of concern.

Crabtree addressed the role of authentication forgery in 2021: “In 2021 attackers will continue to use Kerberos- and SAML-based authentication forgeries, as demonstrated in SolarWinds Orion Sunburst breach, to move laterally and persist surreptitiously inside target networks.  IT leaders will need to further emphasize disabling the fundamentally secure NTLM protocol and focus on stateful validation of Kerberos and SAML to reduce risk of more forged authentication events that give attackers the keys to the kingdom,” said Crabtree.

Read the full article.

You might also be interested in

The path to Trusted Authentication via visibility, detection and analytics

The path to Trusted Authentication via visibility, detection and analytics

Getting to Trusted Authentication

Read more
Q:CYBER Spots Lateral Movement as Used in the SolarWinds (Sunburst) Calamity

Q:CYBER Spots Lateral Movement as Used in the SolarWinds (Sunburst) Calamity

QOMPLX’s leading Q:CYBER software suite detections include Kerberoasting and Golden Ticket attacks, both of which have been reported as being leveraged during lateral movement phases against federal agencies and commercial entities over the course of several months.

Read more
QOMPLX Teams With Splunk To Slam the Door on Lateral Movement

QOMPLX Teams With Splunk To Slam the Door on Lateral Movement

QOMPLX’s Q:CYBER integrates with Splunk Enterprise and Splunk Cloud, providing much-needed visibility into attackers’ lateral movements, including Kerberos ticket forgeries and other attacks on Active Directory.

Read more
Request a Demo

Interested in learning more?

Subscribe today to stay informed and get regular updates from QOMPLX.