The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late
Apr 12, 2023
Service Account Security
Here's a hard question to answer: 'How many service accounts do you have in your environment?'. A harder one is: 'Do you know what these accounts are doing?'. And the hardest is probably: 'If any of your service account was compromised and used to access resources would you be able to detect and stop that in real-time?'. Since most identity and security teams would provide a negative reply, it's no wonder that one of the immediate actions today's attackers are doing following an initial endpoint compromised is hunting down unwatched service accounts. And it's even less of a wonder that in most cases, they would succeed in finding one and leveraging it to spread within the entire environment, getting noticed only when it's too late – after workstations and server got encrypted by ransomware or sensitive data was stolen. In this article, we unfold the reasons that have caused service accounts to become one of the most dangerous weaknesse...
