Reserve your spot for TEC 2023 — registration is now open!
The Experts Conference (TEC) is THE Microsoft security and management training event of the year. With the resounding success of the in-person TEC 2022, we’ll be returning to Atlanta on…
Reserve your spot for TEC 2023 — registration is now open!
The Experts Conference (TEC) is THE Microsoft security and management training event of the year. With the resounding success of the in-person TEC 2022, we’ll be returning to Atlanta on…
As an IT professional, it shouldn’t surprise you to know that there are 95 million attempted Active Directory (AD) attacks every day. But cyberattack concerns aren’t limited to on-premises Active Directory. In fact, last year, there were more than 25…
I’m excited to report that Gartner has named Quest as an example vendor in multiple areas in its 2022 report, “IAM Best Practices for Active Directory”*! In fact, Quest and our company One Identity are listed as an example vendor in eleven of the categories…
In a related blog post, I revealed that Quest was named as an Example vendor in multiple categories in the 2022 Gartner® report, “Implement IAM Best Practices for Your Active Directory.”1 In fact, Quest or One Identity was listed as an…
Cybercriminals are increasing in sophistication – gaining knowledge through experience, developing stealthy attacks targeting existing and new vulnerabilities, and increasingly leveraging the supply chain to maximize exploitation and infiltration. And…
Each summer, we eagerly await the start of Microsoft’s new fiscal year on July 1 as we gear up to learn about their key focus areas and strategic initiatives. This year was a little sweeter as Quest continued its commitment to the Microsoft partner ecosystem…
MITRE ATT&CK reports that a “rogue” domain controller could be used to manipulate data in Active Directory. This attack, known as a DCShadow attack, requires you to have administrative rights, but also allows the actions that are modified to be hidden…
What exactly is multifactor authentication (MFA)? What technologies are available for implementing it, and what are their pros and cons? This blog answers all these questions.
Let’s start with the basics. What is
…If you’re interested in Active Directory security, you’ve undoubtedly heard of the Zero Trust model. Briefly, Zero Trust is a great security model for modern IT environments because it assumes that breaches are inevitable and malicious actors…
The Experts Conference (TEC) is back – virtually and for free. Join us September 1 -2, 2021 for the latest practical Active Directory security, Office 365 management, and migration and modernization training. As always, TEC will be the Microsoft training…
Today, I’m going to answer all the key questions you might have about Active Directory Domain Services.
Active Directory Domain Services (AD DS) and Active Directo…
“Golden Ticket attack” is a particularly colorful (if you’ll pardon the pun) name for a particularly dangerous attack. The moniker comes from Roald Dahl’s book Charlie and the Chocolate Factory, where a golden ticket is the highly…
CPU Side-channel attacks have grabbed the headlines since January 4, 2018 with the announcement of Spectre and Meltdown. In this post we’ll define side-channel attacks, what they are not and where they could impact your Active Directory securit…
Everybody’s talking about Zero Trust these days. In particular, Microsoft recently announced that it is adopting a Zero Trust model, and the NSA has issued guidance to help other organizations implement it, too.
But exactly what is it? Should your…
“Active Directory vs. Azure Active Directory”? Okay, I readily admit that this match-up will never inspire the same passion as “Coke vs. Pepsi,” “Marvel vs. DC” or “Kirk vs. Picard.” Still, these two core Microsoft technologies affect your digital life…
Microsoft service accounts are a critical part of any Windows ecosystem because they are used to run essential services and applications, from web servers to mail transport agents to databases. But all too often, they are not used and managed properly…
Psst! Want to know a great way to spread ransomware across a corporate network? Compromise the organization’s Group Policy.
Want to know a great way to cripple an organization’s defenses against data theft? Compromise Group Policy.
In fact…
What is Azure AD Connect, and why might your organization need it? To answer that, let’s take a step back and look at the bigger picture. Many organizations today rely heavily on the Microsoft cloud. In particular, solutions like Microsoft 365, Microsoft…
If you get Group Policy management WRONG – even for just one Windows system with a seemingly innocuous setting, then you can inflict massive detrimental effects to the security posture of thousands of systems in your network within minutes.
With…
So far in this “What is Active Directory?” series, we have explored what Active Directory is, , the essential tasks in effective Active Directory management, and the key things to know about Active Directory security. You might be thinking…
Just how critical is Group Policy?
Well, what might happen if your lockout policy got changed and hackers were allowed unlimited attempts to guess a user’s password? What if the predefined bookmarks on all your users’ machines were redirected to malicious…
Group Policy is a critical element of any Microsoft Active Directory (AD) environment. But exactly what is it and how does it work? How can attackers compromise it, and how can you defend yourself? Here are all the essential things you need to know.
…KRBTGT is an account used for Microsoft’s implementation of Kerberos, the default Microsoft Windows authentication protocol. Understanding the ins and outs of KRBTGT accounts can mean the difference between having a secure, compliant network and opening…
To start things off, how about some numbers?
30 speakers, 24 sessions, 2 keynotes and 6,967 eyes on sessions (aggregated across both days) with 1,719 attendees across 26 live Q&A Team Meetings. That’s what The Experts Conference (TEC) 2020 virtual…
A few posts back, I revealed my eight predictions for 2021. Since then, I’ve dived into the details of the first five: