当前位置:首页 >英文主页 >中英对照 > 中译版报告详情

LayerX:2025年企业身份威胁报告:隐藏威胁解析(中译版)(12页).pdf

上传人: 白**** 编号:640362 2025-04-27 12页 1.44MB

下载:

1、THE ONLY REPORT THAT ANALYZES IDENTITY THREATS AT THE USERS POINT OF RISK IN THE BROWSER!The corporate identity is the new security perimeter of modern organizations.In the world of anywhere-work,with most work being done on browser-based SaaS applications,the corporate identity is what stands betwe

2、en keeping organizational data safe,and having it exposed.As a result,securing enterprise identities a key priority for security managers today.What Makes This Report Different(and what data you wont find anywhere else)The uniqueness of LayerXs data is derived from where we get our data from.LayerX

3、is an enterprise security platform deployed directly within our customers browsers.That means that unlike network-layer solutions,which have visibility only to the high-level session-level data,LayerX has visibility to every user action and activity within the browser,regardless of whether that user

4、 is connected to the IdP,using a personal or corporate account,or using a sanctioned or non-sanctioned SaaS application.As a result,LayerX can see and cross-correlate data across corporate and non-corporate accounts,identify user activity on malicious web pages that get through existing protections,

5、and gain visibility into browser activity that is hidden from network-layer or endpoint protections.The report herein covers a wide range of identity risks and threats,including:SummaryThe enterprise users most at risk for credential compromiseNon-corporate and non-SSO shadow identitiesPassword and

6、user account security,which can lead to exposure of user accountsEvasion techniques attackers employ to evade existing protectionsThe risk of browser extensions that have access to sensitive identity |And much moreKey FindingsJust 2%of Users Are Your Biggest Security Risk.These are users who have a

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文主要分析了企业身份威胁的风险,并提出了LayerX解决方案。 1. 只有2%的企业用户面临最大的安全风险,这些用户有身份泄露的历史,不使用SSO,使用弱密码。 2. 超过三分之二的企业登录事件没有使用SSO,超过40%的企业SaaS应用程序通过个人凭证访问。 3. 超过54%的企业密码被评为中等强度或以下,容易被现代密码破解工具破解。 4. 攻击者使用0小时逃避技术绕过传统云安全工具的防护。 5. 66.6%的浏览器扩展具有“高”或“关键”级别的权限,40%的企业用户安装了这样的扩展。 6. 恶意浏览器扩展可以窃取企业身份。 LayerX解决方案通过在浏览器中直接部署,提供全面保护,包括阻止数据泄露、SaaS应用程序和GenAI工具,防止凭据盗窃,强制执行对SaaS资源的内部或外部工作人员的安全访问,发现和禁用恶意浏览器扩展,以及更多。
企业如何识别和防范身份威胁? 浏览器扩展如何成为企业安全的威胁? 企业如何保护员工免受网络钓鱼攻击?
客服
商务合作
小程序
服务号
折叠