ACTION FOR EVERY ORGANIZATION
I challenge every organization that knows their Active Directory is not secure enough to withstand an attack to take a step back and develop a plan to secure it. There are some obvious steps to accomplish this:
1. Secure the existing AD infrastructure and settings that attackers target
2. Ensure that the security in Step #1 is maintained constantly
3. Be able to detect when AD is under attack in real time
With these three steps considered and completed, the enterprise's overall exposure and risk will decrease dramatically.
Some points to consider:
• For an AD environment with under 5000 users, Step #1 can be discovered in less than 20 minutes
• Step #2 can be executed with alerts being sent to admins and the SOC in real time
• Step #3 can be accomplished with no agents and no privileges in AD
WHAT TO DO NOW?
We encourage you to verify these settings in each and every AD domain you have. If even one of these settings in a single domain is not secured, the attacker could exploit it and take over the enterprise. As you go through the process to check these few settings in a few domains, keep track of the time and effort that it takes. Imagine that you will need to monitor these settings, plus MANY more, across the entire AD infrastructure, constantly!