On Sunday, May 19th, 2018, I spoke at NolaCon at 11am.
Here’s the talk description:
Active Directory is only the beginning.
Attackers have set their sights squarely on Active Directory when targeting a company, though this typically isn’t the primary objective. The motivation and end goals range from stealing data to impacting corporate operations. In this regard, gaining control of Active Directory is a means to an end; compromising Active Directory is an easy way to gain access to all critical corporate resources. Effectively protecting Active Directory has become critical in limiting the impact of a breach.
This talk takes the audience on a journey covering the various security milestones and challenges with Active Directory. A variety of AD security posture are highlighted along with the challenges they encounter with securing their systems. Key elements involve how enterprise “”AD aware”” applications can weaken Active Directory security and how leveraging cloud services complicate securing infrastructure. Also explored is what an attacker can do in an environment without having Domain Admin rights.
This talk covers the critical issues affecting organizations today, as well as the biggest challenges; current attack techniques; and the most effective defensive techniques to prevent and mitigate compromise (including limitations to these approaches).
For the curious, here’s an outline of the talk:
- AD Security Evolution
- Cloud Challenges
- Attacker Capability
- Common AD Security Issues
- Kerberos Delegation
- Attack Detection Methods
Slides are now posted in the Presentations section.