AD Security 101
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
AD Security 101: Securing Primary Group IDs
- Daniel Petri | Senior Training Manager
Welcome to AD Security 101, a series that covers the basics of Active Directory (AD) security. This week, we look at primary group IDs and how unnecessary changes to them can complicate account management. Attackers can also exploit primary group IDs to introduce security risks, including privilege escalation, and to…
Resource-Based Constrained Delegation: AD Security 101
- Daniel Petri | Senior Training Manager
Resource-based constrained delegation (RBCD) is an Active Directory (AD) security feature that enables administrators to delegate permissions in order to manage resources more securely and with greater control. Introduced in Windows Server 2012 R2 as an enhancement to the traditional Kerberos constrained delegation (KCD), RBCD can help to reduce the…
AD Security 101: Lock Down Risky User Rights
- Daniel Petri | Senior Training Manager
In Active Directory (AD) environments, you can use Group Policy Objects (GPOs) to configure user rights. By using GPOs, you can easily enforce consistent user rights policies across all computers in the domain or organizational unit (OU). This capability makes it easier to manage and maintain user access control over…
AD Security 101: GPO Logon Script Security
- Daniel Petri | Senior Training Manager
In Active Directory (AD) environments, Group Policy Objects (GPOs) can be used to configure logon scripts. These scripts can be powerful tools to manage and automate the logon process for users and computers in the AD environment. You can assign and place such scripts in any GPO within the organization.…
AD Security 101: Non-Default Security Principals with DCSync Rights
- Daniel Petri | Senior Training Manager
Misuse of DCSync functionality can lead to vulnerabilities that put Active Directory—and your enterprise network—at risk.
AD Security 101: Domain Controller Security
- Daniel Petri | Senior Training Manager
For organizations that use Active Directory (AD), securing domain controllers (DCs) is an essential part of AD security. DCs are critical components of the IT infrastructure. These servers hold sensitive and security-related data, including user account information, authentication credentials, and Group Policy objects (GPOs). Naturally, then, DC security is an…
AD Security 101: SIEM Tools and AD Monitoring
- Daniel Petri | Senior Training Manager
Before we dive into technical tips that I mentioned in my previous post, I want to raise an important point. If you're relying solely on security information and event management (SIEM) tools for Active Directory (AD) security monitoring—especially against potential cybersecurity attacks—you might not be getting a complete picture of…
AD Monitoring: AD Security 101
- Daniel Petri | Senior Training Manager
An unmanaged Active Directory (AD) can have a profound impact on your operations, leading to downtime and increasing your vulnerability to network security threats. AD monitoring can provide insights you need to ensure smooth operations, optimize performance, and safeguard your network. Welcome to AD Security 101. This blog series covers…
