Abstract
More than 90 per cent of organisations use Active Directory (AD) as their identity management system, which serves as a master directory and the means to control access to enterprise services. Its central role in governing user identity and authentication means AD is a primary target for threat actors. Compromising AD means attackers can access the most critical systems and assets on the network or gain administrator privileges to take over the domain. Many traditional security solutions will not notice this activity because the user account appears to be operating within the scope of its privileged access rights. The tactics the attackers use can evade traditional detection systems since they are not designed to detect credential theft, privilege escalation and lateral movement. Identity visibility solutions reduce the attack surface by identifying exposed credentials, domain controller vulnerabilities and cloud overprovisioning. Identity detection and response (IDR) solutions add detection of attempts to exploit AD and credential protection from theft and misuse. This paper will discuss how threat actors attack and exploit AD, and what organisations can do to protect their AD environments.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
