Today Cyber Security plays a paramount role in global security. On this blog, the CEO of Paramount Defenses shares rare insights on issues related to Cyber Security, including Privileged Access, Organizational Cyber Security, Foundational Security, Windows Security, Active Directory Security, Insider Threats and other topics.


May 31, 2016

Paramount Defenses to Donate Up To $50 Million in Microsoft Active Directory Audit Software

Folks,

Last month we announced our intention to donate up to $50 Million of our Microsoft Active Directory Audit Tool Software to non-profit and other organizations such as K-12, public universities, hospitals & government agencies in 100+ countries worldwide.

Today, I just wanted to take a few moments to share some relevant details concerning this announcement.


ACTIVE DIRECTORY ON-PREMISES

It is a well-known fact that Microsoft Active Directory On-Premises is the bedrock of organizational cyber security worldwide.


Specifically, over 85% of all business and government organizations worldwide operate on Microsoft Active Directory today.



ACTIVE DIRECTORY IN THE CLOUD

In addition, Microsoft’s recent foray into Cloud Computing and its introduction of Microsoft Azure Active Directory, its multi-tenant cloud based directory and identity management service, as well as Amazon now offering organizations the ability to run Active Directory as a managed service via Amazon Web Services (AWS) Cloud, will further increase the use of Active Directory.


As the world’s use of and reliance on Microsoft Active Directory increases, so does the need to obtain both basic as well as advanced cyber security insight (e.g. the ability to precisely audit privileged users in Active Directory) into Active Directory.




THE NEED FOR TRUSTWORTHY BASIC ACTIVE DIRECTORY CYBER SECURITY INSIGHT

All organizations that operate on Microsoft Active Directory, at a minimum, need to be able to perform basic Active Directory security audits, such as to be able to assess the state of all domain user accounts and security groups in Active Directory.
 
 
Over the years we have found that a large number of organizations have yet to fulfill even these basic needs, and in their attempts to fulfill these basic needs, every day IT personnel from across the world, including from many of the world’s most prominent business and government organizations, continue to seek free tooling in their attempts to fulfill these needs.
 
Unfortunately the concern with most free tooling out there is that there is little to no assurance of it being trustworthy or reliable, and thus, any reliance on it, and especially its use by privileged IT users could seriously jeopardize organizational security.
 
For instance, one such example of a free but highly inaccurate Active Directory Audit Tool can be found here.
 
Similarly, a malicious entity such as a hacking group or an APT could make available a seemingly useful yet covertly malicious tool for free online, which when downloaded and run by an unsuspecting user, could instantly grant them instant unauthorized access privileged access in the organization’s IT network.
 
 
Unfortunately, even though the use of potentially untrustworthy free tooling could substantially endanger organizational security, thousands of IT personnel continue to seek, download and use potentially untrustworthy free Active Directory audit software, thus exposing their organizations to risk. 
 
To help all organizations worldwide trustworthily fulfill their basic Active Directory security audit needs, we have decided to donate $50 Million worth of our entry-level Active Directory Security Audit Software to non-profit organizations, as well as make available a limited version of our trustworthy entry-level Gold Finger Active Directory Security Audit Tool, completely free.

Of course, we primarily help organizations fulfill their advanced Active Directory Audit needs, such as privileged access audit, attack surface reduction, insider threat protection and regulatory audit and compliance, so this is the least we can do for them.





DONATING UP TO $50 MILLION IN ACTIVE DIRECTORY AUDIT TOOLING

To help non-profit and other needy organizations worldwide, we have decided to donate up to $50 Million of our trustworthy  Microsoft Active Directory Security Audit Tool Software, measured at fair market value, to non-profit and other organizations such as K-12 schools, public universities, hospitals and government agencies across over 100 countries worldwide.
 
 
The average donation should be in the vicinity of $10,000 per organization, and we intend to donate our software to approximately 5,000 organizations across 100+ countries. In effect, each such organization will receive an unlimited annual user license of our commercially licensable Active Directory Security Audit Tool, thus empowering all their IT personnel to be able to easily and trustworthily perform basic Active Directory Audits.





OUR FREE ACTIVE DIRECTORY AUDIT TOOL 

In addition to the donation of our entry-level Active Directory Security Audit software, we also made available a free version of the tool, so that all organizations worldwide can trustworthily fulfill their basic Active Directory security audit needs.
 
Free Active Directory Audit Tool
 
Our free Active Directory Audit Tool is a limited version of our licensable Active Directory Security Audit Tool. It lets IT personnel worldwide audit the basic security state of any Active Directory deployment in the world trustworthily and at a button's touch.
 
 
 
Our $50M donation represents a small fraction of the annual potential for our globally deployed Gold Finger product. As the world's top cyber security company, and possibly the world's most security conscious company, this is the least we can do.
 
Best wishes,
Sanjay

May 25, 2016

Its Time to Provide Thought Leadership to the Cyber Security Space

Folks,

Ten years ago, after doing my bit, I had moved on from Microsoft Corporation to help organizations worldwide adequately secure and defend the very foundation of their cyber security and their very lifeline, their foundational Active Directory.


Given my years at MSFT, I had a lot to share with the world back then as well, but as someone once said, mere talk is cheap.



So I silently went to work for an entire decade (2006 - 2016) to address arguably the world's biggest cyber security challenge.


Ten years later, not only have we uniquely addressed it for the entire world, we've made it as easy as touching one button.



Today, my work  speaks for itself, and it uniquely helps secure and defend the world's most powerful organizations worldwide.


Today, what we do at Paramount Defenses is imperative for and mission-critical to the cyber security of Microsoft's ecosystem.



We have much to say, and now that its no longer mere talk, we're going to talk a little.


Starting July 04, 2016, its time to provide thought leadership to the Cyber Security space.


Best wishes,
Sanjay


PS: Between now and July 04, 2016, I'll also cover a few low-key items on this blog because they need to be addressed.