Latest news with #PathstoPrivilege
TECHx
6 days ago
- Business
- TECHx
Phantom Labs Boosts BeyondTrust's Cyber Research
Home » Emerging technologies » Cyber Security » Phantom Labs Boosts BeyondTrust's Cyber Research BeyondTrust, has announced the official launch of its dedicated cybersecurity research team, BeyondTrust Phantom Labs™. This move marks a significant milestone in BeyondTrust's mission to enhance identity security and advance threat analysis. Phantom Labs aims to uncover emerging cyber threats, support industry collaboration, and shape global security standards. The team builds on years of experience in real-world threat analysis, vulnerability disclosures, and identity-focused innovation. According to BeyondTrust, Phantom Labs will adopt an attacker mindset to reveal how threat actors escalate access and maintain control. The company also revealed that new research leadership and strategic hires will accelerate this effort. The research team is expected to help defenders proactively detect and disrupt identity exploitation across hybrid and cloud environments. BeyondTrust's research goals include:• Original threat research and vulnerability discovery• Defender guidance such as mitigation playbooks • Driving innovation across the BeyondTrust product portfolio The company reported that Phantom Labs formalizes the work of existing researchers who have helped uncover critical vulnerabilities and contributed to real-world incident response. One such case involved key intelligence provided to Okta during a high-profile security breach. Recent research contributions include:• Discovery of stealth privilege escalation risks in Microsoft Entra guest accounts• Development of detection models to identify session hijacking • Integration of the Paths to Privilege research framework into the BeyondTrust platform BeyondTrust also continues to collaborate with the Adventures of Alice & Bob podcast to raise awareness about cybersecurity risks. To strengthen Phantom Labs, the company announced several strategic appointments. Kinnaird McQuade has joined as Chief Security Architect. He is known for developing Cloudsplaining, a popular open-source tool that supports detection of data exfiltration and privilege escalation in hybrid and cloud environments. Fletcher Davis has been appointed to lead Phantom Labs. He is a red team expert with deep experience in simulating threat actor behavior and exposing hidden identity risks. The company's research strategy is overseen by Marc Maiffret, BeyondTrust's Chief Technology Officer. Maiffret is a veteran in cybersecurity and vulnerability research. He helped pioneer the first commercial security research teams more than 25 years ago. Maiffret stated that traditional PAM solutions often fall short when dealing with complex, cross-domain attack paths. He emphasized that identity security requires a dedicated platform backed by research. BeyondTrust says it is meeting that challenge with its Pathfinder platform and Phantom Labs, combining purpose-built tools with deep threat analysis to secure identities and access across modern enterprise environments.
Techday NZ
05-08-2025
- Business
- Techday NZ
BeyondTrust launches Phantom Labs to boost identity security research
BeyondTrust has established a dedicated cybersecurity research team, called Phantom Labs, as part of its focus on identity security and threat intelligence. Phantom Labs will draw upon years of security research and will aim to identify new threats related to identity exploitation, particularly in increasingly complex hybrid and cloud computing environments. The newly formed research team is tasked with investigating the techniques used by threat actors to escalate privileges and maintain unauthorised access, a process described by BeyondTrust as "thinking like an attacker". The intention is to help security professionals gain a deeper understanding of potential vulnerabilities so they can proactively address risks and prevent attacks that target identity systems. Research focus The expanded research function is intended to deliver several benefits to the global cybersecurity community. These include carrying out original threat research and vulnerability discovery, producing guidance for defenders in the form of mitigation playbooks and hardening recommendations, and collaborating with BeyondTrust's product teams to support the development of new security features. BeyondTrust stated that Phantom Labs formalises the work previously undertaken by its security researchers, who have already contributed intelligence and support to high-profile security incidents. Such investigations have included the discovery of critical vulnerabilities and the provision of threat intelligence that aided the response to major security breaches, including one suffered by Okta. Recent contributions The company highlighted recent contributions from its research team, which include identifying privilege escalation risks in Microsoft Entra guest accounts, developing detection models for session hijacking using data science, and releasing the Paths to Privilege research framework. The framework is now part of the BeyondTrust platform. Additionally, the team continues to work with initiatives such as the Adventures of Alice & Bob podcast to improve understanding of cybersecurity challenges across the industry. New leadership roles Alongside the launch of Phantom Labs, BeyondTrust has announced a series of new appointments to strengthen its research and development efforts. Kinnaird McQuade has joined BeyondTrust as Chief Security Architect. McQuade is known for his contributions to cloud identity security, notably through the creation of Cloudsplaining, an open-source tool with more than 40 million downloads. This tool has been used widely by security professionals to identify and mitigate risks such as data exfiltration, lateral movement, and privilege escalation, especially in hybrid and cloud environments. Fletcher Davis, an offensive security researcher and red team specialist, has been appointed to lead Phantom Labs. Davis brings experience in simulating threat actor behaviour, exposing cross-domain identity risks, and revealing complex attack paths in enterprise settings. The research activities at Phantom Labs will operate under the direction of Marc Maiffret, Chief Technology Officer at BeyondTrust. Maiffret is recognised for decades of work in identifying major software vulnerabilities and co-founding one of the early vulnerability management platforms. 'Think like a hacker.' That mindset shaped my first security startup over 25 years ago, where we helped define Vulnerability Management and built one of the first commercial security research teams," says Marc Maiffret, CTO, BeyondTrust. "Great security products require more than customer insight. They need research teams anticipating threats before they emerge. Traditional PAM solutions lag behind in addressing complex, cross-domain attack paths. And Identity Security isn't a feature you bolt on. It demands a purpose-built platform, led by research. BeyondTrust delivers that with Pathfinder and Phantom Labs - a platform purpose built to secure identities and access, powered by a team uncovering tomorrow's threats today. BeyondTrust's statement emphasised that these recent investments and changes are intended to support its mission to empower defenders with actionable insights and to foster industry collaboration on identity security standards. The company's expansion of its research function and leadership reflects what it describes as a strategic milestone as organisations continue to grapple with the challenges posed by hybrid IT and cloud environments, where identity now plays a central role in overall cybersecurity.
Yahoo
04-08-2025
- Yahoo
BeyondTrust Research Exposes Hidden Privilege Threats: Secrets Are the New Identity Crisis Awaiting Agentic AI
New data from Identity Security Risk Assessments reveals critical blind spots in non-human identity posture BeyondTrust's latest solution brings secrets into full view, just as Agentic AI spins up at scale LAS VEGAS, Aug. 04, 2025 (GLOBE NEWSWIRE) -- BeyondTrust, the global leader in identity security protecting Paths to Privilege™, today announced the expansion of its Identity Security Insights™ solution to include Secrets Insights, a new capability designed to illuminate and secure the hidden attack surfaces created by secrets and non-human identities. As Agentic AI systems begin to autonomously interact with infrastructure, make decisions, and even provision access themselves, the hidden risks posed by unmanaged secrets and non-human identities become exponentially more dangerous. This launch comes on the completion of the initial class of Identity Security Risk Assessment engagements conducted across a wide range of industries and company sizes. The results are eye-opening: Dormant service accounts with privilege were found in over 70% of environments Overly permissive Entra Service Principals create direct pathways to Global Admin privileges, exposing entire Microsoft 365 environments to potential takeover Credentials reused across multiple service accounts by human admins, enabling a single compromised password to compromise numerous non-human accounts Low-privileged users can escalate to administrative access across Active Directory, Entra, AWS, Okta, and GitHub through hidden privilege escalation paths built on configuration oversights, federation, synchronization AD Service accounts bridge on-premises and cloud environments with Active Directory accounts holding privileged Entra roles, creating cross-platform attack vectors Ineffective GitHub repository access management, leading to uncontrolled secret access and unauthorized access to sensitive code, often accessible through personal Github accounts 'These identity infrastructure issues aren't just misconfigurations, they're invitations,' said Marc Maiffret, CTO at BeyondTrust. 'Our Identity Security Risk Assessment data shows that many organizations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organizations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges.' The new Secrets Insights capability builds on the success of BeyondTrust's Identity Security Insights platform, which already provides deep visibility into Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, and Ping Identity, and GitHub. Now, organizations can extend that same level of insight to secrets, such as API keys, service account credentials, tokens, and more, across hybrid and multi-cloud environments and their vaults. Key Benefits of Secrets Visibility: Discovery of unmanaged secrets across cloud and on-prem environments Discovery of users with direct and indirect access to secrets Risk scoring and prioritization based on exposure and privilege level Integration with BeyondTrust Password Safe for automated remediation 'As organizations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security', said Maiffret. Secrets Insights will be available later this year. BeyondTrust continues to offer complimentary Identity Security Risk Assessments, often completed in less than 48 hours, to qualified organizations, helping them uncover hidden privilege and secrets risks and chart a path toward Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access. To learn more or schedule an Identity Security Risk Assessment, visit: About BeyondTrust BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders. BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners. Learn more at Follow BeyondTrust:X: Blog: LinkedIn: For BeyondTrust: Mike BradshawConnect Marketing for BeyondTrustP: (801) 373-7888E: mikeb@
