Home > Resources > Whitepapers > Ten Active Directory Misconfigurations that Lead to Total Domain Compromise

Ten Active Directory Misconfigurations that Lead to Total Domain Compromise

March 13, 2019

Introduction: Active Directory Security Risks Why is Microsoft Active Directory (AD) the business world’s most targeted asset? Because with just a few queries to AD from a compromised endpoint, attackers obtain all the information they need to steal domain admin credentials and move laterally to high-value assets. Put another way: Attackers gain control of an organization’s vital assets simply by compromising a single domain-connected endpoint. The AD database exposes all identities and resources on the corporate network to any domain-connected user; AD authorizes users (whether legitimate or nefarious) to use its built-in query capability to locate sensitive information.

I'm For Real

Enter your details once to access all our information and resources

 

Spotlight

Micro Focus

Micro Focus provides innovative software that allows companies to develop, test, deploy, assess and modernize business-critical enterprise applications. Micro Focus’ software enables customers’ business applications to respond rapidly to market changes and embrace modern architectures with reduced cost and risk. Micro Focus has more than 30 years of expertise, more than 18,000 customers and over two million licensed users, including 91 of the Fortune Global 100 companies.

OTHER WHITEPAPERS
news image

API Security: Best Practices for Vulnerability Mitigation

whitePaper | June 6, 2023

API Security: Best Practices for Vulnerability Mitigation provides a hands-on approach to mitigate security vulnerabilities in APIs. The paper emphasizes the importance of implementing security measures that protect the API and underlying infrastructure. The paper identifies various security vulnerabilities that can arise in APIs and provides detailed guidelines for securing them. These guidelines cover authentication, authorization, input validation, output encoding, error handling, logging, and auditing.

Read More
news image

AI Security White Paper

whitePaper | January 23, 2020

With the accumulation of big data, dramatic improvements in computing power, and continuous innovation in Machine Learning (ML) methods, Artificial Intelligence (AI) technologies such as image recognition, voice recognition, and natural language processing have become ubiquitous. Meanwhile, AI poses a significant impact on computer security: on the one hand, AI can be used to build defensive systems such as malware and network attack detection; on the other hand, AI might be exploited to launch more effective attacks.

Read More
news image

The State of ICS/OT Cybersecurity in 2022 and Beyond

whitePaper | October 26, 2022

The industrial control system (ICS)/operational technology (OT) security community is seeing attacks that go beyond traditional attacks on enterprise networks. Given the impacts to ICS/OT, fighting these attacks requires a different set of security skills, technologies, processes, and methods to manage the different risks and risk surfaces, setting ICS apart from traditional IT enterprise networks.

Read More
news image

Securing Water Utilities with AWS

whitePaper | March 3, 2023

Today, many U.S. water utilities want to implement cloud-based information technology (IT) and operational technology (OT) solutions to realize the operational and security benefits of the cloud. This whitepaper discusses the business drivers associated with cloud adoption in the U.S. Water Sector, cyber security trends, and outlines best practices for implementing cyber security controls at a water utility.

Read More
news image

Password Safe Cloud 22.2 Security Whitepaper

whitePaper | August 5, 2022

The purpose of this document is to help technically-oriented professionals understand the security-related value BeyondTrust can bring to their organization. BeyondTrust can help your support organization stay secure and compliant, while improving the efficiency and success of your organization with a better end-user support experience.

Read More
news image

How Healthcare Can Boost Cyber Security and Close Its Defense Gaps

whitePaper | May 22, 2022

Hackers have made healthcare a top target. As a result, the healthcare industry experienced the highest number of ransomware attacks during Q3 2022, with one in 42 healthcare organizations suffering an attack – in spite of an 8 percent drop in ransomware attacks in Q3.

Read More

API Security: Best Practices for Vulnerability Mitigation

whitePaper | June 6, 2023

API Security: Best Practices for Vulnerability Mitigation provides a hands-on approach to mitigate security vulnerabilities in APIs. The paper emphasizes the importance of implementing security measures that protect the API and underlying infrastructure. The paper identifies various security vulnerabilities that can arise in APIs and provides detailed guidelines for securing them. These guidelines cover authentication, authorization, input validation, output encoding, error handling, logging, and auditing.

Read More

AI Security White Paper

whitePaper | January 23, 2020

With the accumulation of big data, dramatic improvements in computing power, and continuous innovation in Machine Learning (ML) methods, Artificial Intelligence (AI) technologies such as image recognition, voice recognition, and natural language processing have become ubiquitous. Meanwhile, AI poses a significant impact on computer security: on the one hand, AI can be used to build defensive systems such as malware and network attack detection; on the other hand, AI might be exploited to launch more effective attacks.

Read More

The State of ICS/OT Cybersecurity in 2022 and Beyond

whitePaper | October 26, 2022

The industrial control system (ICS)/operational technology (OT) security community is seeing attacks that go beyond traditional attacks on enterprise networks. Given the impacts to ICS/OT, fighting these attacks requires a different set of security skills, technologies, processes, and methods to manage the different risks and risk surfaces, setting ICS apart from traditional IT enterprise networks.

Read More

Securing Water Utilities with AWS

whitePaper | March 3, 2023

Today, many U.S. water utilities want to implement cloud-based information technology (IT) and operational technology (OT) solutions to realize the operational and security benefits of the cloud. This whitepaper discusses the business drivers associated with cloud adoption in the U.S. Water Sector, cyber security trends, and outlines best practices for implementing cyber security controls at a water utility.

Read More

Password Safe Cloud 22.2 Security Whitepaper

whitePaper | August 5, 2022

The purpose of this document is to help technically-oriented professionals understand the security-related value BeyondTrust can bring to their organization. BeyondTrust can help your support organization stay secure and compliant, while improving the efficiency and success of your organization with a better end-user support experience.

Read More

How Healthcare Can Boost Cyber Security and Close Its Defense Gaps

whitePaper | May 22, 2022

Hackers have made healthcare a top target. As a result, the healthcare industry experienced the highest number of ransomware attacks during Q3 2022, with one in 42 healthcare organizations suffering an attack – in spite of an 8 percent drop in ransomware attacks in Q3.

Read More
More Whitepapers

Spotlight

Micro Focus

Micro Focus provides innovative software that allows companies to develop, test, deploy, assess and modernize business-critical enterprise applications. Micro Focus’ software enables customers’ business applications to respond rapidly to market changes and embrace modern architectures with reduced cost and risk. Micro Focus has more than 30 years of expertise, more than 18,000 customers and over two million licensed users, including 91 of the Fortune Global 100 companies.

Events

Cyber Security & Cloud Congress Europe

Conference