Would Your Organization Fail the Active Directory Security Assessment?
Date: Thursday, April 22nd at 11am PDT / 2pm EDT
As cyberattacks proliferate, many organizations are investing resources in plugging holes in their security strategy. But one common attack entry point—also used in the SolarWinds breach—is consistently overlooked: Active Directory. According to results from a new security assessment tool that evaluates security weaknesses in Active Directory configurations, even large organizations with extensive resources are seeing average scores of 58%—a failing grade.
Where are companies failing in securing Active Directory—and how can you strengthen your AD defenses? Join Microsoft identity experts Darren Mar-Elia and Ran Harel as they walk through the most common weak spots in Active Directory configurations—and how to fix them.
You’ll come away from this session with a practical checklist of AD vulnerabilities to watch for in your environment, including:
- Password policies that are inadequate for modern account protection
- Accounts with elevated privileges in place that haven’t been adequately reviewed
- Accounts with delegated permissions over Active Directory that have unwanted consequences on AD security that have proliferated over time
- Weaknesses in Kerberos usage that are increasingly being exploited to gain privileged access
- Weak Group Policy configuration, which creates a variety of holes that attackers can drive through
About the presenters:
Darren Mar-Elia, VP of Product, Semperis
A 14-year Cloud and Datacenter Microsoft MVP, Darren Mar-Elia has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.
Ran Harel, Principal Security Product Manager, Semperis
Ran has over 15 years’ security experience including pen-testing, SecOps and risk-and-compliance management at global financial institutions. Recently, Ran has held leading product roles at a global cybersecurity vendor and two acquired startups.