Identity-based attacks are escalating at an alarming rate. Yet, many organizations still rely on passive alerts that provide no real defense, leaving them vulnerable to threats that move too fast…
Despite the growing adoption of cloud technologies, many industries — such as banking, government, insurance, and healthcare — remain deeply entrenched in their on-premises infrastructure…
Today we’re thrilled to announce that Microsoft selected Quest as a strategic partner in two Microsoft Azure Marketplace partner programs. This underscores Quest’s ongoing commitment to help organizations and governments around the world secure and modernize…
As an IT professional, it shouldn’t surprise you to know that there are 95 million attempted Active Directory (AD) attacks every day. But cyberattack concerns aren’t limited to on-premises Active Directory. In fact, last year, there were more than 25…
The UK Telecommunications (Security) Act 2021 recognises the vital role that telecommunications plays in the modern world. Indeed, the government intends to quickly and dramatically expand the availability of gigabit-capable broadband and full fibre coverage…
MITRE ATT&CK reports that a “rogue” domain controller could be used to manipulate data in Active Directory. This attack, known as a DCShadow attack, requires you to have administrative rights, but also allows the actions that are modified to be hidden…
If you’re interested in Active Directory security, you’ve undoubtedly heard of the Zero Trust model. Briefly, Zero Trust is a great security model for modern IT environments because it assumes that breaches are inevitable and malicious actors…
Everybody’s talking about Zero Trust these days. In particular, Microsoft recently announced that it is adopting a Zero Trust model, and the NSA has issued guidance to help other organizations implement it, too.
But exactly what is it? Should your…
The Experts Conference (TEC) is back – virtually and for free. With practical Active Directory and Office 365 security education TEC will be the Microsoft training event of the year. You’ll be able to apply what you learn the moment you get back into…
Psst! Want to know a great way to spread ransomware across a corporate network? Compromise the organization’s Group Policy.
Want to know a great way to cripple an organization’s defenses against data theft? Compromise Group Policy.
In fact…
Sean Metcalf, Microsoft Certified Master, and I took your AD security questions during Microsoft Ignite. Sean kicked off this Q&A with six timeless AD security public service announcements for any hybrid AD environment. I’ll review Sean’s specific…
“Nobody expects the Spanish Inquisition! Our chief weapon is surprise, fear and surprise...”
Leave it to a 1970 Monty Python sketch to perfectly sum up 2020! No one expected a global health pandemic and its impact on every aspect of our lives…
This blog is cutting out the chitchat and giving you exactly what you’re searching for: The top seven Hybrid Active Directory Security sessions at Microsoft Ignite.
You have limited time but want to join the best Active Directory sessions at Ignite…
Calling CISSPs! The Experts Conference 2020 is virtual, free and an official (ISC)2 CPE Submitter!
Imagine attending free, online training knowing you are earning those valuable domain-related continuing professional education (CPE) credits and that the…
Every year, those who hold coveted IT Security certifications from places like (ISC)2, ISACA or the SANS Institute, need to earn continuing professional education (CPE) credits to show they are on-top of their security field, staying up-to-date with the…
The Experts Conference (TEC) is back – virtually and for free – November 17-18. TEC 2020 will be the virtual Microsoft training event of the year, with practical Active Directory and Office 365 education that you can apply the moment you get back into…
The Experts Conference (TEC) is back – virtually and for free – November 17-18. TEC 2020 will be the virtual Microsoft training event of the year, with practical Active Directory and Office 365 education that you can apply the moment you get back…
The way we work, with the various devices, access to resources and our mobility has blurred the lines of inside and outside the corporate network. Attackers seeking access to corporate data, ransom dollars or plain old vandalism see the way we work as…
It is not often that a systems administrator gets the chance to build and maintain a corporate Active Directory environment from its inception. Instead, you have probably inherited the AD Forest or Forests and the original creators left years ago. We…
A growing trend for organizations, both from a security perspective and end-user experience, is to connect more clients directly to Azure AD, making the cloud-identity service more authoritative. This would help prevent mimikatz lateral traversal of objects…
They say the cover-up is worse than the crime. When a ransomware attack destroys your network, it’s hard to say which is worse because you may not have known you were breached beforehand – and that’s the point, according to Microsoft Certified Master…
In 2020, we’ll see NIST guidelines and MITRE ATT&CK security mitigation recommendations adopted by a growing number of enterprise organizations to safe guard their Active Directory and Office 365 data. Neither of these guidelines are required, but they…
Here’s our take on the big news and the big projects you’ll face as an Active Directory or Office 365 professional this coming year!
I’ve been in this business over 16 years, my colleagues who helped contribute to these prophesies have way…
Part 1 of my series explained why your efforts to secure your organization is a matter of national security – protecting the intellectual property (IP) that makes your company successful and bolsters your nation’s economy and ultimate security.…
