SonicWall unveils Credential Auditor to combat security threats

SonicWall has launched Credential Auditor, a new solution designed to address the growing challenge of managing credentials across complex IT environments. This offering aims to provide organisations with automated discovery and ongoing oversight of credentials that underpin applications, users and machines.

Credential challenges

As businesses increasingly operate across hybrid and multi-cloud environments, the proliferation of credentials-including passwords, tokens, keys and secrets-has become a significant security risk. Many organisations continue to face difficulties in tracking the location, status and privilege of credentials across users, scripts, APIs and legacy systems.

Unmonitored or mismanaged credentials often lead to unauthorised access, forming a frequent vector for security breaches. Attackers are now leveraging compromised or forgotten accounts to bypass traditional security measures and gain undetected access to systems.

Unseen risks

Credential sprawl occurs gradually as organisations accumulate reused passwords, exposed keys, dormant accounts and privileged service profiles. Over time, these credentials can sit outside active monitoring or governance. Each represents a potential entry point for attackers, increasing operational risk and potentially enabling lateral movement within networks.

The difficulties in tracking thousands of credentials manually make it hard for security teams to implement least-privilege strategies or assess the full impact of any single credential compromise.

Automated auditing

Credential Auditor's primary objective is to automate the detection and management of all credentials, regardless of their location across hybrid environments. It identifies credentials used by people, workloads and services. The product offers features like exposure and risk scoring, detecting weak or reused credentials, flagging dormant or over-privileged accounts, and providing continuous monitoring for anomalies or unusual usage patterns.

Comprehensive reporting and remediation tools enable organisations to enforce governance policies, respond rapidly to risks, and generate oversight for leadership and compliance requirements. By automating credential discovery and monitoring, security teams can reduce blind spots and operational overhead.

Supporting governance

Credential Auditor is designed to support compliance and governance initiatives such as Zero Trust. By providing consistent scrutiny across human, machine and service accounts, organisations can align with identity management controls and ensure enforceable policies on access.

Ongoing behavioural analysis delivers early warning of compromised or misused credentials, facilitating faster mitigation and lower breach impact. This helps turn credential security from a reactive to a proactive discipline.

Zero Trust foundation

With the addition of Credential Auditor, users can strengthen their Zero Trust strategy through enhanced visibility and easily implementable remediation. The tool is integrated into existing environments, aiming to minimise operational complexity. By enabling organisations to continuously assess where credentials are stored, whether they are still needed, and what risk they pose, Credential Auditor addresses a critical attack surface frequently overlooked by perimeter security technologies.

"When credentials are visible, measurable and continuously monitored, organizations can finally shift from reactive cleanup to proactive identity security," said Asif Mujtaba, Product Manager, SonicWall.