The DCShadow attack exploits a switch in the Mimikatz utility that enables privileged users to inject malicious changes into Active Directory (AD) without detection. DCShadow takes advantage of native AD replication to avoid sending events to the AD security logs.
Read more >
Watch this video presentation to learn how to defend against this emerging threat. Detect rogue DCs, quickly roll back unwanted changes, and enrich event logs with unparalleled visibility.
About the speaker:
Darren Mar-Elia is a 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions.