Attackers have a number of ways to compromise your organization, ranging from web application attacks down to our users. The attack surface is vast, and the ability for an attacker to find one system and move laterally to others increases exponentially the further down the exploitation cycle an attacker gets. Active Directory plays a large role in many organizations and is often the method attackers use to piggyback single-sign-on and centralization in order to access a plethora of systems. This talk will dive into the various techniques attackers use in order to compromise an organization and how to best effectively prioritize and combat the threats we face today. Let's dive down into attack patterns, how they work, and how to best design your organization in a way that combats the threats we face today.