LONDON and SAN FRANCISCO, Jan. 19, 2021 /PRNewswire/ — Digital Shadows, the leader in digital risk protection, today announces that customers using Microsoft Azure Active Directory services will now gain near real-time alerts when the login credentials of their employees are deemed to be at risk. Last year, Digital Shadows uncovered more than 16 billion credentials (such as username and passwords) exposed online. However, many of these are outdated or nonexistent threats which is why the integration between Digital Shadows SearchLight™ and Azure AD will only flag current, critical threats which can be quickly addressed to reduce the risk of account takeover.
Microsoft Azure Active Directory manages more than 1.2 billion identities and processes over 8 billion authentications every day. Additionally, it also supports more than 2,800 pre-integrated software as a service (SaaS) applications. This makes it a critical sign in tool for businesses worldwide. It also provides a rich source of data to check the validity of current credentials and a valuable defense for Digital Shadows customers against the risk of account takeover.
This integration builds upon one announced last year with Okta and further increases the capability of SearchLight to enable security teams to easily validate exposed credentials and take action to keep attackers out of critical systems.
Russell Bentley, VP Product at Digital Shadows: “The sheer amount of breached credentials is staggering but the real issue is triaging them all so that organizations know which ones are current, valid and therefore, a concern. This process can be incredibly time consuming for security teams as they wade through all the invalid, fake or old credentials to find those that pose a risk. The integrations that we have built for SearchLight with Okta and now Azure AD automates this process so it can instantly verify which credentials organizations should be concerned about and need action.”
Features of the new Microsoft Azure AD integration in SearchLight, include the ability to:
- Identify exposed credentials in near real-time: Automated detection of exposed credentials across the broadest set of sources, with source info updated as it becomes available
- Reduce triage time with auto-rejection: Instant validation for usernames of both retrospective and recently raised exposed credential alerts
- Maintain multiple active directories: Support for organizations with multiple AD instances
- Security teams can ‘be in the know’ of all rejection activity: All automatic rejections are recorded in the activity log, helping security teams stay synchronized.