Would Your Organization Fail the Active Directory Security Assessment?

Presented by

Darren Mar-Elia and Ran Harel

About this talk

As cyberattacks proliferate, many organizations are investing resources in plugging holes in their security strategy. But one common attack entry point—also used in the SolarWinds breach—is consistently overlooked: Active Directory. According to results from a new security assessment tool that evaluates security weaknesses in Active Directory configurations, even large organizations with extensive resources are seeing average scores of 58%—a failing grade. Where are companies failing in securing Active Directory—and how can you strengthen your AD defenses? Join Microsoft identity experts Darren Mar-Elia and Ran Harel as they walk through the most common weak spots in Active Directory configurations—and how to fix them. You’ll come away from this session with a practical checklist of AD vulnerabilities to watch for in your environment, including: - Password policies that are inadequate for modern account protection - Accounts with elevated privileges in place that haven’t been adequately reviewed - Accounts with delegated permissions over Active Directory that have unwanted consequences on AD security that have proliferated over time - Weaknesses in Kerberos usage that are increasingly being exploited to gain privileged access - Weak Group Policy configuration, which creates a variety of holes that attackers can drive through

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (93)
Subscribers (2503)
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv. Semperis hosts the award-winning Hybrid Identity Protection conference. The company has received the highest level of industry accolades; most recently being named Best Business Continuity / Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards. Semperis is accredited by Microsoft and recognized by Gartner.