Enzoic released the latest version of Enzoic for Active Directory. The solution prevents users from choosing weak or previously exposed passwords by screening them at their creation and continuously monitoring passwords to ensure they do not subsequently become compromised.
Enzoic’s latest release extends these capabilities to monitor users’ exact username and password combinations, providing the industry’s only Active Directory solution for this level of comprehensive protection against compromised credentials. By leveraging its proprietary dynamically updated database of billions of exposed and compromised credentials, Enzoic helps organizations reduce the risk of a successful account takeover.
With the growing threat from exposed credentials, NIST recommends that companies verify that passwords aren’t compromised before being activated and monitor these passwords on an ongoing basis. In addition, the FBI has mandated the screening of usernames and password pairs to mitigate the risk of a successful attack.
Due to the password reuse problem, organizations need a way to identify and prevent unsafe passwords and full compromised credentials from being utilized. With Enzoic for Active Directory, enterprises now have an automated screening tool that strengthens their defenses against an array of password attacks.
“Organizations face a constant barrage of cyberattacks and desperately need a way to reduce the risk of becoming a victim,” said Michael Greene, CEO, Enzoic. “Enterprises now have a comprehensive solution that detects unsafe passwords and full credentials without adding to the burden on their IT team and with zero friction for users. This helps eradicate the risk of a network breach through Microsoft Active Directory.”
“Our Enzoic implementation has been instrumental in shoring up employee credential security,” said Dennis Yang, Chief Information Officer at the Motion Picture Association. “The ability to identify whether an exact username and password pair is exposed will be a game changer, particularly as we can automate the response to this threat.This means that we’ll have greater confidence in our ability to thwart account takeover attempts without adding any additional burden on our IT team.”
Enzoic for Active Directory now detects when an exact username and password combination is exposed, which poses a significant risk to enterprise security. If full credentials are compromised, a more aggressive remediation plan can be automatically activated. Remediation plans offer a range of actions based on the severity of the threat up to and including immediate disabling of the compromised user account.
In addition, the latest version of Enzoic for Active Directory includes support for multiple policies, allowing companies to set specific password rules and remediation actions by Container, Group, OU, or account. This enables organizations to have a more aggressive monitoring and response for sensitive accounts such as those related to IT or finance.