Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
Active Directory Change Resiliency
- Sander Berkouwer
Last month, I have had many discussions with many people on Active Directory Backup and Restore. Now, the obvious topics to talk about are disaster recovery and forest recovery. Of course, we talked about these, but in many of the discussions last month, we focused more on what I’d call…
WannaCry, NotPetya, MBR-ONI and Friends: Tales of Wiper Attacks and Active Directory Destruction
- Mickey Bresman
Ransomware attacks on enterprises are escalating both in frequency and complexity. Many in the security space believe that WannaCry and NotPetya were only a sample of what’s coming. Increasingly, Active Directory (AD) is at the center of cyberattacks, with wipers like MBR-ONI utilizing AD to maximize the attack reach and,…
Kerberos at the Company Party
- Sean Deuby | Principal Technologist
Back in 1999, I wrote a book on Windows 2000 Server in general, and Active Directory in particular. I try not to look back at what I wrote about AD back then compared to what I know now, but I remain fond of a passage that explained how the Kerberos…
How Do I Protect Against Ransomware?
- Joseph Carson
Guest column by Joseph Carson, Chief Security Scientist at Thycotic. “Ransomware” is on the rise using “targeted phishing attacks” and is being used for financial blackmail and poison or corrupt data. No one is excluded from these threats and no company or individual is too small to be a target.…
5 Information Security Policies Every CISO Must Enforce Now
- Joseph Carson
Guest column by Joseph Carson, Chief Security Scientist at Thycotic. Chief Information Security Officers, CISOs, bear some of the heftiest weights on their shoulders of anyone in an organization. Single-handedly, depending on their security policies and the enforcement of them, they can be responsible for the success or downfall of…
Two New Microsoft Hybrid Services Dramatically Simplify Connecting your Active Directory to Azure
- Sean Deuby | Principal Technologist
Microsoft recently announced the public preview of two major new capabilities that will make integrating your on-premises Active Directory to Azure AD much, much easier. Passthrough authentication (PTA) and Seamless Single Sign-On (I'm choosing to call it 3SO) will allow your users to easily access Azure AD applications such as…
NIST joins Microsoft in Changing How We Should Think About Passwords
- Sean Deuby | Principal Technologist
On the heels of Microsoft's updated password recommendations, the National Institute for Standards and Technology (NIST) has come out with its own updated password guidelines. These recommendations parallel many of Microsoft's recommendations and thus give them extra credibility; in some areas they go further. When two major security industry influencers…
Understanding Azure AD Password (Hash) Sync
- Sean Deuby | Principal Technologist
Now that businesses are adopting cloud computing as part of their business model, a large percentage are choosing to connect their on-premises Active Directory environment to its counterpart in the cloud, Microsoft's Azure Active Directory. When you extend your on-premises AD to Azure AD, you have two choices for how…
