Active Directory is Your #1 Cyber Risk. Start Treating It That Way.

For cybersecurity professionals, these are not easy times. Data breaches are reported daily, and malware seems to evade or break through perimeter defenses like firewalls, privileged access management (PAM) and multi-factor authentication with ease.

As bad as that sounds, however, things appear to be getting worse. Organized crime and ransomware gangs threaten to lock down your IT environment, holding you, your employees, and your data hostage. Sophisticated adversaries, including nation-state actors, target your critical controls infrastructure and your software supply chain. They’re looking to burrow deep into your IT environment with persistence, access, and sysadmin privileges.

The fact is that organizations can no longer count on stopping threats at their perimeter. Addressing these threats requires a different constellation of post-breach security controls and a different approach: from the inside out. Organizations need to start at the core of the IT environment, validating the basic critical control infrastructure related to authentication, authorization, and identity.

Active Directory: Attackers’ #1 Target

At the top of the list, for almost every organization, is Microsoft’s Active Directory, the dominant identity service in most organizations, with a 95% market share in the enterprise. In fact, many major breaches reported in the media share a common thread: Active Directory was compromised and used by the attackers after their initial breach.

Why? As QOMPLX CSO Andy Jaquith recently noted, Active Directory is an “overstuffed turkey” that presents a huge opportunity to cyber adversaries: a list of users and their relevant contact details; a list of servers and workstations known to the administrators; and a lightweight entitlements repository, among others.

“Active Directory does so much, and is so complex, that it cannot be effectively secured,” Jaquith observed.

Download Our New Report

If Active Directory is so critical to the security of your organization, why do so many firms take a hands-off approach to AD security? In our latest report, we explore that issue and offer some steps organizations can take to shore up the security of this critical control infrastructure.

Download the report now!
