Semperis Surpasses $100M in ARR as Organizations Prioritize Identity System Defense
Back to blogs listing

Active Directory Security

Categories

Featured Articles

AD Security 101: GPO Logon Script Security
  • Daniel Petri | Senior Training Manager
AD Security 101: Non-Default Security Principals with DCSync Rights
  • Daniel Petri | Senior Training Manager

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
Hidden Gems: The Azure Active Directory Whitepapers

Hidden Gems: The Azure Active Directory Whitepapers

  • Sean Deuby | Principal Technologist

It's pretty well accepted now that the world is moving away from painstakingly planned, piloted, deployed, and maintained on-premises applications in local data centers. It's moving to web services, hosted in the cloud (best definition: your stuff on someone else's computer) whose new capabilities are rapidly deployed and refined via…

SaaS Passwords Are Like Cockroaches

SaaS Passwords Are Like Cockroaches

  • Sean Deuby | Principal Technologist

And in the case of passwords, each one - especially each forgotten one - is a little security risk scurrying around in the shadows. You may think you have gotten rid of them (or at least reduced them to a manageable amount), but they still keep popping up. And as…

8 Situations That Put Your Active Directory At Risk

8 Situations That Put Your Active Directory At Risk

  • Sean Deuby | Principal Technologist

Active Directory Domain Services (AD DS) has grown to be a marvelously reliable, highly scalable, and fault tolerant core component of your company’s IT infrastructure. It generally works quite well without requiring a lot of attention. But the AD DS admin must put in extra work to take the service…

Detect, Recover, and Restore From Active Directory Events

Azure AD Connect: the staging server

  • Sean Deuby | Principal Technologist

Microsoft continues to work on a sore spot in its hybrid identity strategy: The challenge of deploying its identity bridge between Active Directory Domain Services (AD DS) on premises and Azure Active Directory in the cloud. This bridge consists of AD FS for federation and a succession of utilities, culminating…

Why On-Premises Active Directory Still Matters in a Cloud-Connected World

Why On-Premises Active Directory Still Matters in a Cloud-Connected World

  • Sean Deuby | Principal Technologist

With all the talk about stampeding to the cloud, I get asked fairly regularly if I think Active Directory will be going away. No, AD isn't becoming obsolete; it's evolving. And as it evolves, I'd argue that it matters more than ever. Within Microsoft ISSD (Identity and Security Services Division),…

Hackers Update Notorious TrickBot Malware to Evade Detection

Vulnerability in Kerberos Allows Elevation of Privilege

  • Sharon Vardi

Recently, Microsoft has released a security update (MS14-068) for Windows Server. The patched vulnerability is in the Windows Kerberos Key Distribution Center (KDC), which generates the session tickets to identities within Active Directory while accessing the Domain's resources. When clients request access to a resource, they contact the ticket-granting service…