Press release

“Honeytokens” Provide StealthDEFEND Users a New Tool for Detecting and Preventing Active Directory Credential Theft in Version 2.1

Sponsored by Businesswire

STEALTHbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced the release of StealthDEFEND 2.1, their real-time threat detection and response platform.

Commonly used and highly successful credential compromise techniques like Pass-the-Hash and Pass-the-Ticket are notoriously difficult to detect amidst the noise of everyday activities within Active Directory. To an observer, they appear to be legitimate authentication events, and to Active Directory, they are. However, the use of deception methods like honeypots have proven to be particularly effective in capturing less savvy or careless attackers at a minimum, allowing security practitioners to proactively detect and thwart attempts to compromise their credentials and the resources they provide access to.

In StealthDEFEND 2.1, users now have the ability to employ a useful and effective application of the honeypot concept within Active Directory domains using centrally managed honeytokens. Overcoming the manual hurdles and complexities administrators have had to deal with in the past when trying to leverage honeytokens, StealthDEFEND allows users to create, configure, deploy, and manage honeytokens in bulk and at scale. The result is the creation of a digital trip wire throughout an organization’s infrastructure, providing an early warning alert that allows security teams to respond quickly and with confidence. With reduced time to detection potentially earlier in the kill chain, organizations can dramatically mitigate the risks and impact of successful data breach outcomes.

“With honeytokens, users will be able to inject fake credentials into system memory,” said Rod Simmons, VP of Product Strategy over STEALTHbits’ Active Directory solution portfolio. He continued, “The level of configuration and customization we provide makes the honeytokens appear to be legitimate to an attacker, but will actually trigger an alarm if the attacker attempts to use or find information about the account. In combination with the other threat detection and response components of StealthDEFEND, honeytokens flip the script on the attacker, enabling the ‘deceived’ to become the ‘deceivers’.”

Additionally, StealthDEFEND 2.1 provides users with multiple performance and functionality improvements, including:

  • AD Replication Permissions Threat Alerting
  • Improved Internal Product Audit Logging
  • AD Sync Enhancements
  • And more…

To learn more about StealthDEFEND 2.1, visit


STEALTHbits Technologies is a cybersecurity software company focused on protecting an organization’s credentials and data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operations expense.

Identify threats. Secure data. Reduce risk.

For more information, visit or call +1-201-447-9300.

The STEALTHbits logo and all other STEALTHbits product or service names and slogans are registered trademarks or trademarks of STEALTHbits Technologies, Inc. All other trademarks and registered trademarks are property of their respective owners.