Active Directory Security
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (207)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (64)
- Identity Attack Catalog (24)
- Identity Threat Detection & Response (139)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (66)
- Uncategorized (1)
Zerologon Exploit Explained
- Huy Kha | Senior Identity & Security Architect
- Nov 15, 2024
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC). This flaw is known as Zerologon—a vulnerability that can give attackers full control over a domain. What is…
Active Directory Security Measures for U.S. State and Local Government and Education
- Edward Amoroso
- Oct 24, 2024
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Broad cybersecurity support encompasses a wide variety of obligations, ranging from compliance documentation to user training. But the most challenging—and essential—aspect of Microsoft Active Directory (AD) security involves the detection of attacks, before, during, and…
The Role of Active Directory in U.S. Public Sector Cybersecurity
- Edward Amoroso
- Oct 18, 2024
[Editor's note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Any observer of public sector cybersecurity will recognize the serious challenges in information technology (IT) protections for U.S. public sector agencies over the past few decades. Major incidents, such as the 2015 data breach at…
Password Spraying Detection in Active Directory
- Huy Kha | Senior Identity & Security Architect
- Sep 18, 2024
Password spraying detection is a vital ability for all organizations. In a password spraying attack, the attacker attempts to gain unauthorized access by trying a few common or weak passwords across many accounts rather than targeting a single account with many passwords. The idea is to test several passwords, hoping…
The 5 Pillars for DORA Compliance in Active Directory
- Daniel Lattimer | Area Vice President - EMEA West
- Aug 30, 2024
The Digital Operational Resilience Act (DORA) is an incoming European Union (EU) legislative framework aimed at fortifying the operational resilience of digital systems within the financial sector. All finance entities that operate in or with the EU need to achieve DORA compliance by early 2025, as do information and communication…
Cohesity and Semperis Provide Unmatched Cyber Resilience for Business-Critical Data
- Nico Devoti | Senior Director, Technology Alliances
An organization’s data is one of its most valuable assets—and a prime target for cyberattackers, who prove time and again that their victims will pay large ransom sums to get exfiltrated data back. According to Semperis’ 2024 Ransomware Risk Report, 78% of organizations that were hit by a ransomware attack…
Hello, My Name Is Domain Admin
- Mickey Bresman
My friends know I'm a movie buff. Being also a mixed martial enthusiast, one of my all-time favorites is Fight Club, based on Chuck Palahniuk's first novel. The story is about an identity crisis: rebelling against consumerism, trying to find truth and meaning in life, and becoming a "real" person…
Strengthening Cyber Incident Response with Forest Druid
- Huy Kha | Senior Identity & Security Architect
Forest Druid is a free cyber attack path discovery tool for hybrid identity environments, such as Active Directory and Entra ID. Unlike traditional tools that map attack paths from the external perimeter inwards, Forest Druid focuses on protecting the most critical assets first. This method prioritizes identifying and securing Tier…
