• Back


Aite Impact Brief: Fixing Vulnerabilities in Active Directory and Kerberos

When one thinks of cybersecurity attacks, one thinks first about phishing, ransomware,  denial-of-service attacks, and other headline-grabbing threats. However, nestled deep in most networks is an Achilles’ heel. It’s such a popular destination for attackers that network security, endpoint security, and cloud security vendors make it their prime directive to catch bad activities before attackers reach this enticing target.

The place all attacks seem to be worming their way toward is Active Directory. Microsoft’s Active Directory is the treasure trove of all privileges and credentials—the master key that unlocks every account, every server, every bit of valuable data—and its lack of intrinsic security is legendary. While financial institutions are very familiar with locking important assets in a vault, the network’s vault at those same institutions remains unlocked.

This Impact Brief, drawing from six interviews with heads of cybersecurity and risk management at large financial institutions in the U.S. and Europe, aims to help business and technology managers understand and mitigate a critical vulnerability.

Download the Impact Brief

Related Resources

Card image cap
Offensive Security Service Data Sheet

Published Sep 28, 2021

Card image cap
Offensive Security Service Tech Spec

Published Sep 28, 2021

Card image cap
Punkspider Data Sheet

Published Jul 20, 2021

Card image cap
Intelligent Due Diligence Tech Spec

Published Jul 15, 2021