Active Directory Security
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (207)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (64)
- Identity Attack Catalog (24)
- Identity Threat Detection & Response (139)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (66)
- Uncategorized (1)
Toughen Up Your AD
- Edward Amoroso
Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern identity management. And yet, surprisingly, the word identity does not appear even once in the entire RFC. (The word directory shows up…
Why Most Organizations Still Can’t Defend Against DCShadow – Part 2
- Darren Mar-Elia | VP of Products
In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a feature of the Mimikatz post-exploitation tool that…
Why Most Organizations Still Can’t Defend against DCShadow
- Darren Mar-Elia | VP of Products
DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in AD without anyone knowing. This allows the attacker to create backdoors all over AD that…
Group Policy Security– Tinkering with External Paths
- Darren Mar-Elia | VP of Products
If you’ve been following this blog, you know that about 2 and half years ago, I started talking about Group Policy’s precarious role in the typical enterprise’s security posture. Many, if not most, AD shops use GP to perform security hardening on their Windows desktops and servers. This includes everything…
NotPetya, the Russian Wiper
- Steve Mackay
You know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets.But do you recall....... the most damaging attack of all?....NotPetya the Russian Wiper, had a very nasty bite.And if you ever saw it, you would even say “Good Night!”.All of the other malware’s... used to…
Your Active Directory was compromised, is it all lost?
- David Lieberman
Following a 10-year stint in virtualization technologies, I joined Semperis and dove into the world of Active Directory. Over the last three years, which included some of the most vicious malware attacks ever documented, I think I have finally come up to speed on this part of the IAM world.…
Retake Control of Attribute Sync to Azure AD
- Darren Mar-Elia | VP of Products
Keeping directory sync in sync with security best practices With Azure AD Connect, synchronizing directory data from on-premises Active Directory to Azure AD is both easy and efficient. But is it possible to have too much of a good thing? Security best practices limit sharing to a strict need-to-know basis.…
Should you upgrade to Active Directory 2016…or stay where you are?
- Sean Deuby | Principal Technologist
Should you upgrade your existing AD forest to Windows Server 2016 Active Directory (aka AD 2016), or should you leave it where it is? Despite the focus and activity around adopting cloud services today, the fact remains that Active Directory continues to underpin it all. In addition to longstanding dominance…
