Tenable Selected by Bank of Yokohama to Secure its Active Directory and Eliminate Attack Paths

Tenable®, Inc. the exposure management company, today announced that Bank of Yokohama, one of the largest of the major regional banks in Japan, has chosen Tenable Identity Exposure to protect its Active Directory and enhance the bank’s ability to protect its internal systems from cyber threats.

Bank of Yokohama, based in Kanagawa Prefecture and Tokyo Metropolitan, is committed to enhancing industry security standards. In 2023, it collaborated with 19 other regional banks to establish CMS-CSIRT, an organization providing mutual cybersecurity support. Unlike megabanks, regional banks often face resource and budget constraints, making such collaborative efforts crucial for implementing effective security programs.

As part of its objectives for FY 2023, the Bank of Yokohama wanted to improve Active Directory (AD) security as it’s the most crucial system in the bank’s intranet. Previously, the bank only applied security patches periodically without any tool or system to detect Active Directory misconfigurations or attacks. Given the evolving threat landscape and rise of attacks involving an identity breach, enhancing the security of Active Directory became a top priority.

“Attackers who have infiltrated an organization's internal system or who wield ransomware and other malware, almost always make a beeline for Active Directory,” said Mr. Akihiro Fushimi, Leader, Concordia Financial Group ICT Governance Department, Security Governance Section and Bank of Yokohama ICT Planning & Promotion Department, Security Governance Section. “They steal user account privileges and elevate them via Active Directory, to enable them to access important data. So, securing Active Directory was an area that we wanted to invest in.”

Bank of Yokohama already used Tenable Security Center for vulnerability management and trusted Tenable's reliability. Selecting Tenable Identity Exposure was an easy decision, with its fast, agentless feature ensuring a seamless deployment process.

The deployment of Tenable Identity Exposure provided the Bank of Yokohama with an in-depth view of its Active Directory. The bank can now accurately identify every AD account, including dormant accounts and machine identities, and understand the potential risks of exploitation by malicious actors due to the multi-functional capabilities of Active Directory. Tenable Identity Exposure detects many of the techniques used in cyber attacks to gain elevated privileges and enable lateral movement, including DCShadow, Brute Force, Password Spraying, Golden Ticket and more.

“Previously, we were under the impression that all we needed to do was to apply patches and manage accounts. Now, with the deployment of Tenable Identity Exposure, we are physically able to see the risk of exploitation. This, I believe, is the positive impact of deploying Tenable Identity Exposure. Its alert functions are comprehensive—it detects vulnerabilities as well as misconfigurations,” said Mr. Shinnosuke Shimada, Bank of Yokohama ICT Planning & Promotion Department, Security, Governance Section.

“Many organizations struggle to maintain proper Active Directory security as their domains grow more complex, often leaving flaws undetected until a major incident occurs. Given the high-profile attacks involving AD in recent years, it's crucial to prioritize AD security within the overall cybersecurity strategy,” said Naoya Kishima, Country Manager, Tenable Japan. “Bank of Yokohama recognizes this need, and we're pleased to support them in their security journey.”

About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. Tenable의 AI 기반 위험 노출 관리 플랫폼은 공격 표면 전체에서 보안 가시성, 통찰 및 작업을 혁신적으로 통합하여 최신 조직들을 IT 인프라부터 클라우드 환경 및 중요 인프라와 이외의 다양한 환경에 공격에 대해 보호합니다.엔터프라이즈를 보안 위험 노출에서 보호하여 Tenable은 전 세계에 44,000곳 이상의 고객사에서 비즈니스 위험을 줄입니다.Learn more at tenable.com. 

Media contact
Tenable PR
[email protected]