Active Directory Security
Categories
- Active Directory Backup & Recovery (63)
- Active Directory Security (215)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (68)
- Identity Attack Catalog (29)
- Identity Threat Detection & Response (144)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (2)
- The CISO's Perspective (16)
- Threat Research (68)
AD Security 101: Domain Controller Security
- Daniel Petri | Senior Training Manager
For organizations that use Active Directory (AD), securing domain controllers (DCs) is an essential part of AD security. DCs are critical components of the IT infrastructure. These servers hold sensitive and security-related data, including user account information, authentication credentials, and Group Policy objects (GPOs). Naturally, then, DC security is an…
Identity Attack Watch: AD Security News, April 2023
- Semperis Research Team
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…
Active Directory Migration: 15 Steps to Success
- Daniel Petri | Senior Training Manager
Active Directory (AD) migration projects can be challenging and complex. Such projects involve the migration of users, groups, computers, and applications from one AD domain or forest to another. Careful planning and execution can help your migration team complete a successful AD migration, with minimal disruption to end users and…
Why AD Modernization Is Critical to Your Cybersecurity Program
- Mickey Bresman
Active Directory (AD) is the core identity store for many organizations. As such, AD has also become a major target for bad actors. If attackers gain access to AD, they gain access to any resources in the organization. In a hybrid on-prem/cloud scenario, which is common today, that includes access…
Identity Attack Watch: AD Security News, March 2023
- Semperis Research Team
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…
Azure Active Directory Security: 5 Ways to Secure Your AD
- Eitan Bloch | Semperis Product Manager
Securing Active Directory (AD)—the common target in 9 out of 10 cyberattacks—is difficult. Many organizations have legacy AD environments with accumulated misconfigurations that attackers love to exploit. And although 90% of organizations worldwide use AD as their primary identity store, Gartner research shows that only 33% have any sort of…
AD Security 101: SIEM Tools and AD Monitoring
- Daniel Petri | Senior Training Manager
Before we dive into technical tips that I mentioned in my previous post, I want to raise an important point. If you're relying solely on security information and event management (SIEM) tools for Active Directory (AD) security monitoring—especially against potential cybersecurity attacks—you might not be getting a complete picture of…
Transitive Trust and Breaking Trust Transitivity: AD Security 101
- Charlie Clark
While playing with Kerberos tickets, I discovered an issue that allowed me to authenticate to other domains within an Active Directory (AD) forest across external non-transitive trusts. This means that there is in fact no such thing as a “non-transitive trust.” The term is at best misleading and offers systems…
