Experts Expose the Most Common Identity Security Gaps Leading to Compromise

When it comes to identity protection, what lies above the ground are the user accounts and configurations we’re aware of, for which we can design and implement defenses.

But below the known identity attack surface exists an underground world of Identity Threat Exposures (ITEs): misconfigurations, forgotten user accounts, legacy settings, and insecure built-in features. These ITEs are attackers’ inside collaborators, offering an easy path to access credentials, escalate privileges, and move laterally, both on-prem and in the cloud.

The Identity Underground is the first ever threat report 100% focused on the prevalence of identity security gaps – using Silverfort’s own proprietary data. The goal of this report is to provide you with insight into the identity security weaknesses you may not be aware of and empower you to make informed decisions on where to invest in identity security.   

Highlights of this report include: 

• 67% of organizations expose their SaaS apps to compromise with insecure on-prem password sync.

• 37% of all user accounts authenticate via the weakly encrypted NTLM protocol, providing attackers easy access to cleartext passwords.

• 1 AD misconfiguration = 109 new shadow admins (on average) 

• 31% of user accounts are service accounts – yet only 20% of companies are confident they can protect service accounts

• And more