Active Directory Security

Identity Attack Watch: AD Security News, June 2023

Identity Attack Watch: AD Security News, June 2023

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. This month’s roundup…

Resource-Based Constrained Delegation: AD Security 101

Resource-Based Constrained Delegation: AD Security 101

  • Daniel Petri | Senior Training Manager

Resource-based constrained delegation (RBCD) is an Active Directory (AD) security feature that enables administrators to delegate permissions in order to manage resources more securely and with greater control. Introduced in Windows Server 2012 R2 as an enhancement to the traditional Kerberos constrained delegation (KCD), RBCD can help to reduce the…

AD Security 101: Lock Down Risky User Rights

AD Security 101: Lock Down Risky User Rights

  • Daniel Petri | Senior Training Manager

In Active Directory (AD) environments, you can use Group Policy Objects (GPOs) to configure user rights. By using GPOs, you can easily enforce consistent user rights policies across all computers in the domain or organizational unit (OU). This capability makes it easier to manage and maintain user access control over…

AD Security 101: GPO Logon Script Security

AD Security 101: GPO Logon Script Security

  • Daniel Petri | Senior Training Manager

In Active Directory (AD) environments, Group Policy Objects (GPOs) can be used to configure logon scripts. These scripts can be powerful tools to manage and automate the logon process for users and computers in the AD environment. You can assign and place such scripts in any GPO within the organization.…

Identity Attack Watch: AD Security News, May 2023

Identity Attack Watch: AD Security News, May 2023

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

AD Security 101: Non-Default Security Principals with DCSync Rights

AD Security 101: Non-Default Security Principals with DCSync Rights

  • Daniel Petri | Senior Training Manager

Misuse of DCSync functionality can lead to vulnerabilities that put Active Directory—and your enterprise network—at risk.

AD Security 101: Domain Controller Security

AD Security 101: Domain Controller Security

  • Daniel Petri | Senior Training Manager

For organizations that use Active Directory (AD), securing domain controllers (DCs) is an essential part of AD security. DCs are critical components of the IT infrastructure. These servers hold sensitive and security-related data, including user account information, authentication credentials, and Group Policy objects (GPOs). Naturally, then, DC security is an…

Identity Attack Watch: AD Security News, April 2023

Identity Attack Watch: AD Security News, April 2023

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…