Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Active Directory

Securing Account Credentials to Protect Your Organization

Compromising the credentials of Active Directory accounts remains a primary way for adversaries to gain a foothold in an organization’s IT ecosystem. They use a range of tactics, including credential stuffing, password spraying, phishing and brute-force attacks This blog post details key best practices for effective user credential management. Then it dives into how software can help enforce those best practices and further secure user credentials.

Exploiting Weak Active Directory Permissions with PowerSploit

Adversaries use multiple techniques to identify and exploit weaknesses in Active Directory (AD) to gain access to critical systems and data. This blog post explores 3 ways they use PowerShell PowerSploit to elevate or abuse permissions, and offers effective strategies for protecting against them.

How to Restore Active Directory Object Attributes

Active Directory (AD) is a database and set of services that offers centralized management of IT infrastructure resources. It connects users with the resources they require to get their work done. Therefore, technicians must be able to quickly check and recover AD attributes that are modified or deleted by hardware failures, cyberattacks, scripting mistakes and other problems.

Just-In-Time Privilege Elevation: A least-privilege solution to protect your AD-connected business

One Identity Just-In-Time Privilege automatically assigns privileges at the time of a credential check-out – and immediately removes privileged access and resets the account password when task is completed. This protects your Active Directory from bad actors and potential breach.

Reset Password via Set-ADAccountPassword Poweshell Cmdlet

Users normally update their domain account passwords using the Windows Settings menu. But if they forget their password or their account is disabled, an administrator needs to step in. This blog post explores several ways that an admin can reset a user’s password or create a new one. First, we review the easiest options: Active Directory Users and Computers (ADUC) and Active Directory Administrative Center (ADAC).

Domain Member: Digitally Encrypt or Sign Secure Channel Data

A secure channel is a crucial component of Active Directory that’s used by domain members and controllers for seamless communication. Domain Member: Digitally Encrypt or Sign Secure Channel Data is a Microsoft security setting, which, when enabled, ensures that all traffic to/from the secure channel is encrypted. The secure channel is basically a communication channel that allows users smooth access to their user accounts in specific domains.

ADAudit Plus User Logon Reports, Part 5: Detect users' last logon times on workstations

ManageEngine ADAudit Plus is a UBA-driven auditor that bolsters your Active Active (AD) security infrastructure. With over 250 built-in reports, it provides you with granular insights into what’s happening within your AD environment, such as all the changes made to objects and their attributes. This can include changes to users, computers, groups, network shares, and more.

The hazards of not using just-in-time (JIT) privileged access in Active Directory

Active Directory (AD) is the foundation of managing identities, provisioning users and issuing permissions to network resources. These permissions range from the lowest levels of access to the highest levels of admin rights for privileged users. While having control over these permission levels is useful, organizations can open themselves up to serious vulnerabilities if they don’t manage the permission levels carefully.