As the most broadly deployed identity service in the world, Active Directory is a lucrative target for cyberattackers. Ransomware-as-a-service groups, including Conti and LockBit 2.0, have become increasingly adept at finding and exploiting security gaps in Active Directory.
In this session, Alexandra Weaver, Semperis Solutions Architect, discusses the most common AD security vulnerabilities she encounters in her work with customers, how attackers take advantage of those gaps with examples from recent attacks, and how you can harden your AD security posture to prevent attacks.
Key takeaways:
- Common AD vulnerabilities that attackers exploit, grouped into five categories: account security, AD infrastructure, Group Policy, Kerberos, and AD delegation
- How malicious actors compromised AD in well-known attacks such as Colonial Pipeline
- How you can identify and proactively close security gaps in your AD environment