A Modern Approach to Defeating Identity-Based Attacks

typing in username and password

The past year of cyber crime has been extraordinarily memorable. In Verizon’s most recent Data Breach Investigation Report, they revealed that there were 23,896 security incidents, of which, 5,212 were confirmed data breaches in 2021. In-fact, 82% of these confirmed breaches derived from human error, reassuring us all that the ‘human element’ remains as the most prevalent cause of data breaches. In addition, Verizon also revealed in its study that 61% of data breaches were a result of stolen credentials. As hackers rigorously attempt to target identities – social engineering and stolen credentials have served as the hacker’s key threat actor TTPs.

The rise in identity-based attacks have left CISOs with no other choice but to craft a new security approach with identity security serving as the focal point. According to Gartner, Attack Surface Expansion and Identity System Defense serve as the two primary trends in 2021 that CISOs must understand to be able to address new risks and elevate their role.


Traditional Identity Solutions Still Impose Big Risks

Existing security tools such as Identity and Access Management (IAM), Privileged Access Management (PAM), and Identity Governance & Administration (IGA) are implemented with the goal of confirming identities before authorizing a user fully granted access to its digital environment – a key aspect to the zero-trust model. However, with mass cloud adoption still on the rise, security challenges have prevailed as IT teams move quickly to provision their environments.

In this article, we will go over tips for addressing these trends.


Trend 1 – Attack Surface Expansion:

Between common cloud misconfigurations and the vulnerabilities associated with Active Directory (AD), an additional layer of security beyond access management is required to protect organizations adequately. Gartner recommends security leaders look beyond traditional approaches to security monitoring, detection, and response to manage a wider set of risks.


Trend 2 – Identity System Defense:

Identity systems were already under sustained attack before COVID; however, hackers show no signs of letting up. Common misuse of credentials is now the primary method that attackers are using to access systems undetected to wreak havoc on businesses. Gartner uses the term Identity Threat Detection and Response (ITDR) to describe “a collection of tools and processes used to defend identity systems”.


Next-Gen Identity Security Tools Improve Visibility

Modern, innovative identity security tools such as Identity Attack Surface Management (ID ASM) and Identity Threat Detection and Response (ITDR) are new security solutions that are designed to restore visibility and protect identities, as well as the systems that manage them.

ID ASM limits the exposures attackers are able to exploit by reducing the identity attack surface. The fewer exposures that are identified, the smaller the identity attack surface potential for a hacker.

Endpoint Detection and Response (EDR) is a solution that searches for compromised endpoint, however, ITDR solutions are able to catch attacks targeting identity credentials. Once an attack has been detected, the ITDR solution adds another layer of defense by automatically isolating the compromised device and provides fake decoy data to the hacker.

Pairing these tools with EDR, Extended Detection and Response (XDR), and Network Detection and Response (NDR) provide that additional layer of security beyond identity security – which in contrast prevents any lapse between identity access management and endpoint security solutions.


  • Re-strategize your security tech stack by implementing technologies that address trending threats.
  • If you don’t have the resources to build a robust security defense solution in-house, work with a trusted partner to bolster your security posture and to increase visibility into your firm’s digital ecosystem.


You May Also Like…

Request a Demo

AgileBlue is a software company with an innovative SOC-as-a-Service for 24X7 network monitoring, cloud security, data privacy and compliance.

Our modern SOC-as-a-Service is built on innovative machine learning and autonomous execution. If you would like to discuss our SOC-as-a-Service, Partner Program or schedule a brief demo please give us a little info and we will contact you immediately.