Securing Microsoft Active Directory (AD) involves dealing with a mixed bag of risks, ranging from management mistakes to unpatched vulnerabilities. AD has become a prime target for cyber-attackers who use AD to elevate privileges and gain persistence in the organization. Investigate a typical data breach, and you’ll find that stolen credentials likely were used—sometimes for initial entry, sometimes for accessing critical systems, but always to the detriment of the targeted organization.
Hardening AD begins with getting a handle on the vulnerabilities and common configuration and management mishaps that pave the road to compromises. To defend AD, administrators need to know how attackers are targeting their environment. How many, however, can pass a pop quiz about the types of security holes threat actors are sneaking through as they move through the steps of the breach?