Tag Archives: Active Directory Security

How to Audit Active Directory Group Memberships

Hello, In today’s short post, Part 3 of How to Perform Simple Active Directory Audits, we’ll take a quick look at how IT administrators, IT managers and IT and cyber security auditors can easily and instantly audit and enumerate the complete membership of any domain (Active Directory) security group, no matter how large or complicatedly […]

How to Audit Active Directory to Identify Computer Accounts Trusted for Unconstrained Delegation

Hello, In today’s short post, part 2 of How to Perform Simple Active Directory Audits, we’ll take a quick look at how IT admins, IT managers, IT consultants as well as IT and Cyber Security auditors can easily audit Active Directory to identify all domain-joined computers in an Active Directory domain whose domain computer accounts […]

Its Time to Help Safeguard Organizatonal Cyber Security Worldwide (i.e. protect Microsoft’s Global Ecosystem)

Folks, Hello. I hope this finds you doing well. Relative to 2017, I know we’ve been quiet for a bit, because, behind the scenes, we’ve been very busy helping protect foundational cyber security worldwide.   Its 2018, i.e. 18 years since Microsoft shipped Active Directory, yet most organizations worldwide don’t even have the means to adequately […]

How to Find Stealthy Admins in Active Directory

Folks, As you may know, lately Active Directory Security seems to have been getting a lot of attention from traditional network security / hacking / cyber security folks (both on the good and the not-so-good side), many of whom may actually be new to the subject of Active Directory Security, and most of whom seem […]

How to Mitigate the Cyber Security Risk Posed by Sneaky Persistence in Active Directory

Folks, A few weeks ago, a presentation titled An ACE Up The Sleeve – Designing Active Directory DACL Backdoors at the Black Hat Conference 2017 (which we skipped) apparently made waves and caught the attention of the world, including that of Microsoft. In fact, it apparently intrigued Microsoft so much that its Advanced Threat Analytics […]

Time to Help Microsoft and the Entire World

Folks, As you know, today Microsoft’s Active Directory is the very foundation of IT and cyber security at 85% of all organizations worldwide, as well as at the foundation of most cyber security companies. The compromise of an organization’s foundational Active Directory could have colossal consequences for the organization, as well as for all its […]

30 Days of Advanced Active Directory Security School for Microsoft

Folks, As you may know, to help Microsoft understand the subject better, I’ve been conducting Advanced Active Directory Security School for Microsoft at – The Active Directory Security Blog. Since we started school, we have received requests from around the world for there to be a single place where folks can easily find these entries, so this blog post […]