Palo Alto Networks announces new anti-hacker system:

Theft and abuse of stolen credentials is one of the most common methods cyber adversaries use to successfully compromise and maneuver within an organization to steal valuable assets. Now Verizon has announced a new system that it claims will help companies defend themselves against cyber attacks and data breaches.

According to the 2016 Verizon Data Breach Incident Report (DBIR), nearly two-thirds of the breaches analyzed were, in some part, the result of stolen credentials. Majority of breaches in organisations involve password theft at some stage of the attack lifecycle. Since the vast majority of organisations continue to use simple password-based credentials as the primary means of enabling user access to systems, it is often easier for an attacker to steal passwords than it is to find and hack a vulnerable system or successfully bypass malware detection and threat prevention technologies.

Traditional approaches to stopping credential phishing are rudimentary and rely primarily on educating employees and classifying a phishing site hopefully before someone encounters it. If the organisation's security products miss a new phishing site, the only recourse is to hope that the user doesn't proceed to enter his or her credentials.

In an US based launch event, Palo Alto Networks claims to have delivered the industry's first multi-method, scalable and automated approach designed to prevent credential-based attacks for organisations.

These capabilities prevent the theft and abuse of stolen credentials and complement additional malware and threat prevention and secure application enablement functionality, to extend customer organisations' ability to prevent cyber breaches.

As part of Palo Alto Networks' PAN-OS security operating system version 8.0, credential theft prevention feature highlights include:

-- Automatically identify and block phishing sites. If the site is determined to be phishing, PAN-DB will automatically update the phishing URL category, block the site, and prevent users from accessing it.

-- Prevent users from submitting credentials to phishing sites; by integrating with User-ID technology, the firewall can recognize the movement of enterprise credentials in the traffic. If a user unknowingly attempts to transmit a username and password to an unauthorized site, policies within the firewall can alert or drop the traffic and stop the transmission of credentials.

- Prevent the use of stolen credentials by providing multi-factor authentication framework natively in the next-generation firewall. This capability makes it possible to stop cyber adversaries from moving laterally in a network and accessing sensitive resources with the help of stolen credentials or compromised endpoints.

"We have too often seen headlines that highlight credential theft as one of the primary methods cyber adversaries use to gain access to networks, systems and assets. For years, there has been an absence of an effective and scalable way for organizations to address this challenge. We are pleased to introduce these unique and industry-leading capabilities as part of our Next-Generation Security Platform and to deliver yet another innovation among many designed to help organizations prevent cyber breaches," said Lee Klarich, executive vice president, Product Management, Palo Alto Networks.

For more tech news follow us on Google+.                                                      Kanjoos Tech