Time to Help Microsoft and the Entire World


As you know, today Microsoft’s Active Directory is the very foundation of IT and cyber security at 85% of all organizations worldwide, as well as at the foundation of most cyber security companies.

The compromise of an organization’s foundational Active Directory could have colossal consequences for the organization, as well as for all its stakeholders (i.e. customers, investors, partners etc.)



There recently has been a steadily increasing amount of attention being given to Active Directory Security, especially Active Directory ACLs, as they ultimately protect all Active Directory content.

For instance, attack vectors such as Mimikatz DCSync, Active Directory Privilege Escalation, Sneaky Persistence in Active Directory and Active Directory Botnets all target Active Directory ACLs.



Earlier this month, Microsoft finally agreed that recently Active Directory ACLs may in fact be getting a lot of attention these days, in a blog post titled – Active Directory ACLs – Attack and Defense.

Based on what Microsoft shared, it appears it may not seem to understand the depth of this challenge, so we had to share a blog post titled – Active Directory ACLs – Actual Attack and Defense.



Given the paramount role that Active Directory plays in organizational cyber security and IT today, we must do everything we can to adequately secure and defend Active Directory deployments.

Thus, in days to come,  I’ll be helping Microsoft and the entire world, by sharing with them exactly how they can adequately secure and defend their foundational Active Directory deployments.



Specifically, in days to come, you can expect the following insightful posts –


  1. What Constitutes a Privileged User in Active Directory?
  2. How to Correctly Audit Privileged Users/Access in Active Directory?
  3. How to Render Mimikatz DCSync Useless in an Active Directory Environment?
  4. How to Easily Identify and Thwart Sneaky Persistence in Active Directory?
  5. How to Easily Solve The Difficult Problem of Active Directory Botnets?
  1. Why the World’s Top Active Directory Permissions Analysis Tools Are Mostly Useless?
  2. Why is the Need to Lockdown Access Privileges in Active Directory Paramount to its Defense?
  3. How to Attain (Lockdown) and Maintain Least Privileged Access (LPA) in Active Directory?
  4. How to Securely Delegate and Correctly Audit Administrative Access in Active Directory?
  5. How to Easily Secure Active Directory and Operate a Bulletproof Active Directory Deployment?


Starting October 17, 2017, you’ll be able to find these posts over at the Active Directory Security Blog.