ManageEngine Enhances AD360 With Risk Exposure Management and Local User MFA Features to Strengthen Identity Threat Defenses
Additionally, ManageEngine has enhanced AD360's access certification module, which now includes expanded entitlements for comprehensive review coverage, and the risk assessment capabilities feature new indicators for improved identity risk monitoring across AD and Microsoft 365 environments. These enhancements are designed to streamline compliance reporting and strengthen access governance across the enterprise. The new capabilities support NIST SP 800-207 on Zero Trust architecture, align with PCI DSS Version 4.0 Requirement 8, and facilitate SOX, HIPAA, and GDPR controls.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Al Bawaba
2 days ago
- Al Bawaba
ManageEngine Endpoint Central Delivered 442% ROI According to Total Economic Impact Study
ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced the findings of a commissioned Total Economic Impact™ (TEI) study, conducted by Forrester Consulting, of Endpoint Central, its unified endpoint management and security (UEMS) platform. The study revealed that a composite organization, which is a representative of interviewed customers, realized a 442% return on investment (ROI) over three years and achieved a full payback within six at capturing real-world outcomes experienced by enterprises using ManageEngine's UEMS platform, the study also found that interviewed customers gained $4.5 million in total benefits over three years, with a net present value (NPV) of $3.7 million. The exercise was carried out independently by Forrester through in-depth interviews with four customers and financial modeling of a composite organization. 'We've always aimed to deliver meaningful outcomes through Endpoint Central, and it's rewarding to see those results consistently reflected in our customers' experiences—and now quantified in this TEI study,' said Mathivanan Venkatachalam, vice president of ManageEngine. 'Many of our customers have significantly reduced operational overhead and administrative burden by replacing multiple tools with Endpoint Central. That's exactly the kind of outcome Endpoint Central was built to deliver.'Key Findings From the StudyWhile ROI is a key outcome, Endpoint Central's broader business impact is evident in the following significant gains realized across productivity, cost, and performance: • Reduced manual patching effort by up to 95% through automated patch management, resulting in $913,000 in productivity gains over three years.• Legacy tool consolidation through Endpoint Central led to over $1 million in savings over a three-year period.• Secure self-service and remote troubleshooting across IT functions were implemented, reducing help desk effort and improving end-user efficiency.• Improved real-time visibility and control over hardware and software assets and efficient reclamation of unused licenses.• Elimination of manual report generation through automated endpoint analytics and reporting per the study, Endpoint Central also enhanced the IT team's ability to support users across geographies and work models through its unified interface and management capabilities. Customers experienced greater endpoint stability and improved end-user experience due to reduced downtime and fewer disruptions. Beyond operational efficiency, customers also shared real-world gains in compliance, security posture, and insurance savings. 'Our compliance rate of devices went from 70% to more than 95% after using Endpoint Central. Devices are much more stable and easier to manage. We were even able to save cyber insurance costs due to this increased security posture,' said an IT director in the software services industry in the study.
Al Bawaba
30-07-2025
- Al Bawaba
IBM Report: Data Breach Costs Drop 18% in the Middle East, Reaching SAR 27 Million in 2025
IBM (NYSE:IBM) released its 2025 Cost of a Data Breach Report, revealing that the average cost of a data breach for businesses in the Middle East reached SAR 27.00 million. This represents a decrease of approximately 18% from SAR 32.80 million the year prior. According to the report, the top three factors that reduced breach costs for local businesses were AI/ML-driven insights, encryption and a DevSecOps the Middle East, lost business remained the largest cost category in 2025, averaging SAR 11.63 million per breach. This was followed by post-breach response costs at SAR 7.50 million, detection and escalation at SAR 6.55 million, and notification costs at SAR 1.32 million. While overall breach costs have declined this year, these figures underscore the continued financial strain organizations face across the entire breach lifecycle — from discovery to sectors continued to face significantly high breach costs in 2025. This year, the financial sector recorded the highest total breach cost reaching SAR 34.00 million, followed closely by energy and industrial at SAR 32.00 million.'It is encouraging to see a meaningful decline in the cost of data breaches in the Middle East this year. It is no coincidence that a region with some of the world's boldest AI ambitions is also seeing less costly breaches. As organizations accelerate the adoption of AI-driven tools for security, they are improving their ability to detect and contain threats before they escalate. But as attackers grow more sophisticated, continued investment in AI-driven security tools, security talent, and AI governance tools will be essential to sustaining this momentum,' said Saad Toma, General Manager of IBM Middle East and key findings in the 2025 IBM report for the Middle East include:• Mitigating risks of AI model attacks – To reduce the risk of attacks on AI models, organizations in the Middle East are most commonly implementing access controls on AI systems (41%). By contrast, just 3% of breached organizations globally had such controls in place, highlighting the region's more proactive approach to securing and governing AI.• AI governance adoption – 38% of surveyed organizations reported having formal AI governance policies in place, with an additional 24% starting to develop them. For those with policies in place, the most common elements include strict approval processes for AI deployments (45%), adversarial testing (44%) and the use of AI governance technology (43%).• Factors that increase costs – Organizations with security system complexity incurred an average additional cost of SAR 867,378. Breaches affecting IoT or OT environments added SAR 839,750, while security staff shortages raised costs by SAR 818,997 on average.• Top initial attack vectors – The most common initial causes of data breaches in 2025 were third-party vendor and supply chain compromise, which account for 17% of incidents and carried an average cost of 29.60 million. Denial of service attacks and phishing each made up 14% of breaches, with average costs of SAR 27.20 million and SAR 28.00 million respectively. Malicious insider threats, while slightly less frequent at 11%, resulted in the highest average cost at SAR 33.00 million. The 2025 Cost of a Data Breach Report analyzed real-world data breaches from over 600 organizations worldwide from March 2024 through February 2025, including organizations from Saudi Arabia and the United Arab Emirates. Conducted by Ponemon Institute and sponsored and analyzed by IBM, the Cost of a Data Breach Report has investigated nearly 6,500 data breaches over the past 20 years.
Al Bawaba
23-07-2025
- Al Bawaba
ManageEngine Enhances AD360 With Risk Exposure Management and Local User MFA Features to Strengthen Identity Threat Defenses
ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced the general availability of identity risk exposure management and local user MFA features in AD360, its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure unmanaged local accounts, two common identity attack vectors that attackers continue to exploit at remains the primary attack vector in modern enterprises, as shown by Verizon's 2025 Data Breach Investigations Report, which found that credential abuse was the initial access vector in 22 % of breaches. The report also highlighted widespread abuse of poorly managed local accounts and privilege paths across over 12,000 confirmed breaches."With this release, ManageEngine AD360 moves beyond traditional IAM by embedding identity threat defenses into core identity operations. By turning identity data into actionable security insights, we're helping customers make IAM the first line of defense, not a check box," said Manikandan Thangaraj, vice president of ManageEngine. While most IAM tools focus on provisioning and policy enforcement, AD360 adds risk exposure mapping via attack path analysis as well as local MFA enforcement, helping enterprises close attack paths that often go undetected. This marks a key step in identity management evolving from an access control layer into an active security Capabilities• Identity risk exposure management: Graph based analysis maps lateral movement and privilege escalation paths in Active Directory (AD), automatically prioritizing risky configurations and recommending remediation steps. The graph engine models AD objects as nodes and privilege inheritance as lines, revealing multi step attack chains in real time, with actionable suggestions that IT teams can implement to close exposed paths.• Local user MFA: This feature extends adaptive MFA to local accounts on non domain joined servers, DMZ assets, and test environments, thwarting credential stuffing and persistence techniques. • ML driven access recommendations: During provisioning and access review campaigns, machine learning analyzes permission patterns and suggests adjustments to implement least privilege access, helping prevent excess entitlements. Additionally, ManageEngine has enhanced AD360's access certification module, which now includes expanded entitlements for comprehensive review coverage, and the risk assessment capabilities feature new indicators for improved identity risk monitoring across AD and Microsoft 365 environments. These enhancements are designed to streamline compliance reporting and strengthen access governance across the enterprise. The new capabilities support NIST SP 800-207 on Zero Trust architecture, align with PCI DSS Version 4.0 Requirement 8, and facilitate SOX, HIPAA, and GDPR controls.
