It’s no surprise that attackers typically go for the “lowest-hanging fruit.” They want to spend as little time and get as much of a reward as possible. Often, this results in attackers targeting users with the most privileged level of access.
AzureStealth is a new project that hopes to help IT teams gain more visibility into who has access to what. AzureStealth allows admins to discover what users have the most sensitive or risky permissions.
By using the tool, companies can ensure that those highly privileged users are well secured. This can be achieved through efforts such as having strong credentials, having multi-factor authentication enabled, and being carefully monitored.
This tool can also identify shadow admins, which are users that can easily escalate their own privileges to become full admins.
“Remember that we cannot protect the things we [aren’t] aware of, and AzureStealth helps in the complex mission of discovering the most privileged Azure users,” the project’s GitHub page states.
The project was created by Asaf Hecht, cyber security research team leader at CyberArk.