Identity-based attacks are escalating at an alarming rate. Yet, many organizations still rely on passive alerts that provide no real defense, leaving them vulnerable to threats that move too fast…
Today we’re thrilled to announce that Microsoft selected Quest as a strategic partner in two Microsoft Azure Marketplace partner programs. This underscores Quest’s ongoing commitment to help organizations and governments around the world secure and modernize…
I’m excited to report that Gartner has named Quest as an example vendor in multiple areas in its 2022 report, “IAM Best Practices for Active Directory”*! In fact, Quest and our company One Identity are listed as an example vendor in eleven of the categories…
Each summer, we eagerly await the start of Microsoft’s new fiscal year on July 1 as we gear up to learn about their key focus areas and strategic initiatives. This year was a little sweeter as Quest continued its commitment to the Microsoft partner ecosystem…
MITRE ATT&CK reports that a “rogue” domain controller could be used to manipulate data in Active Directory. This attack, known as a DCShadow attack, requires you to have administrative rights, but also allows the actions that are modified to be hidden…
What exactly is multifactor authentication (MFA)? What technologies are available for implementing it, and what are their pros and cons? This blog answers all these questions.
Let’s start with the basics. What is
…
If you’re interested in Active Directory security, you’ve undoubtedly heard of the Zero Trust model. Briefly, Zero Trust is a great security model for modern IT environments because it assumes that breaches are inevitable and malicious actors…
Today, I’m going to answer all the key questions you might have about Active Directory Domain Services.
Active Directory Domain Services (AD DS) and Active Directo…
“Golden Ticket attack” is a particularly colorful (if you’ll pardon the pun) name for a particularly dangerous attack. The moniker comes from Roald Dahl’s book Charlie and the Chocolate Factory, where a golden ticket is the highly…
CPU Side-channel attacks have grabbed the headlines since January 4, 2018 with the announcement of Spectre and Meltdown. In this post we’ll define side-channel attacks, what they are not and where they could impact your Active Directory securit…
Everybody’s talking about Zero Trust these days. In particular, Microsoft recently announced that it is adopting a Zero Trust model, and the NSA has issued guidance to help other organizations implement it, too.
But exactly what is it? Should your…
In my first post in this series, I explained what Active Directory is and what it’s used for. In the next post, we explored Active Directory management. Now let’s dig into Active Directory security and compliance. What do you need to do to…
Microsoft service accounts are a critical part of any Windows ecosystem because they are used to run essential services and applications, from web servers to mail transport agents to databases. But all too often, they are not used and managed properly…
Psst! Want to know a great way to spread ransomware across a corporate network? Compromise the organization’s Group Policy.
Want to know a great way to cripple an organization’s defenses against data theft? Compromise Group Policy.
In fact…
If you get Group Policy management WRONG – even for just one Windows system with a seemingly innocuous setting, then you can inflict massive detrimental effects to the security posture of thousands of systems in your network within minutes.
With…
Just how critical is Group Policy?
Well, what might happen if your lockout policy got changed and hackers were allowed unlimited attempts to guess a user’s password? What if the predefined bookmarks on all your users’ machines were redirected to malicious…
Group Policy is a critical element of any Microsoft Active Directory (AD) environment. But exactly what is it and how does it work? How can attackers compromise it, and how can you defend yourself? Here are all the essential things you need to know.
…
KRBTGT is an account used for Microsoft’s implementation of Kerberos, the default Microsoft Windows authentication protocol. Understanding the ins and outs of KRBTGT accounts can mean the difference between having a secure, compliant network and opening…
A few posts back, I revealed my eight predictions for 2021. Since then, I’ve dived into the details of the first five:
Let’s continue stepping through my eight predictions for 2021! So far, we’ve covered why ransomware victims will face penalties, how your digital reputation will come under attack and why Zerologon will continue to cause pain for IT pros.
…
Let’s continue stepping through my eight predictions for 2021! So far, we’ve been talking mainly about attacks like ransomware and digital reputation attacks. Today, we’re going to switch it up by discussing not an attack to defend against…
In the early days of Active Directory, a decision had to be made as to whether you were going to do an in-place upgrade of your existing Windows NT 4.0 environment, or if you were going to do a “greenfield” migration. Some organizations had multiple…
DC in the cloud
There could be many different reasons that require Domain Controller running in the cloud:
Extra... extra… read all about it!
Data Breaches are the New Reality! Are you Prepared?
It's no surprise (yet frightening) that there is a drastic increase in news headlines that emphasize the security risks and challenges IT professionals face…
