Active Directory Best Practices to Frustrate Attackers

Black Hills Information Security

Active Directory out of the box defaults aren’t enough to keep your network safe.  Here’s the word on the street about frustrating attackers in your Active Directory environment. It’s easy to make things hard.  But it’s not hard to make things easy. Spin that how you will, running Active Directory efficiently isn’t necessarily easy, but it certainly can be easy to make things hard for attackers in your environment.  Here are some baseline things you can do to make your Active Directory environment frustrating for attackers.  Attackers’ main resource is time, and if you can slow them down and frustrate them, you have a better chance of making attackers look for easier targets, or at least more time for your response team to identify and protect your assets.
Watch Now

Spotlight

Cybersecurity is key to unlocking innovation and expansion, and by adopting a tailored organization and risk-centric approach to cybersecurity, organizations can refocus on opportunities and exploration. Building trust in a business that operates successfully within the Internet of Things (IoT), and that fully supports and protects individuals and their personal mobile devices (from a simple phone to a health care device, from smart appliances to smart cars), is a key competitive differentiator and must be a priority.

OTHER ON-DEMAND WEBINARS

Privileged Password Management 101: Laying the Foundation for Success

BeyondTrust

InfoSec pros have their work cut out for them—with the need to secure an estimated 300 billion passwords by 2020. Privileged password management, in particular, is a pain point for almost every organization. Privileged credentials are often difficult to identify, challenging to tame and properly secure, and if done improperly, can be costly to manage. Without strong privileged password management processes and technology in place, your organization is ripe for all kinds of security breaches. In many industries, lack of the proper protections in place alone puts you at risk from legal and/or regulatory fallout.
Watch Now

Advanced Threat Hunting & Incident Response with CB ThreatHunter

Carbon Black

Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments. Start leveraging unfiltered data to make the most of your threat hunt. CB ThreatHunter - on our Predictive Security Cloud - allows for just that. Join our webinar to learn about: Our best-of-breed threat hunting. How to utilize unfiltered data gathered from all protected endpoints.
Watch Now

SANS Top New Attacks and Threat Report

Anomali

Each year, the annual RSA Conference in San Francisco features top SANS instructors presenting their look at the new attack techniques currently in use and their projections for future exploits. This fast-paced panel--moderated by Alan Paller and featuring Heather Mahalik, Ed Skoudis and Johannes Ullrich--is one of the highest-rated keynote sessions at the conference. In this webcast, SANS Director of Emerging Technologies John Pescatore will highlight: The top new attacks and threats as defined in that presentation.
Watch Now

The Future of Phishing: It’s all about your customers

SEGASEC

While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools. Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.
Watch Now

Spotlight

Cybersecurity is key to unlocking innovation and expansion, and by adopting a tailored organization and risk-centric approach to cybersecurity, organizations can refocus on opportunities and exploration. Building trust in a business that operates successfully within the Internet of Things (IoT), and that fully supports and protects individuals and their personal mobile devices (from a simple phone to a health care device, from smart appliances to smart cars), is a key competitive differentiator and must be a priority.

resources