What You Need to Know About Securing Active Directory
Date: Tuesday, May 11th at 11am PDT / 2pm EDT
For more than two decades, Microsoft Active Directory (AD) has been the de facto method organizations use to authenticate and authorize users so they can access computers, devices, and applications within a network. AD is celebrated for its ease of management. But that ease of use comes with security downsides. Replicating an AD forest, for example, centralizes access to a company’s information stores, so once an attacker gains entry, the threat actor can wreak havoc across the enterprise. AD is difficult to secure given its constant flux, sheer volume of settings, and the ever-expanding proliferation of advanced and powerful hacking and discovery tools.
In this web seminar, Guido Grillenmeier (Semperis Chief Technologist) and Jim Doggett (CISO) will discuss AD access points used in recent cyberattacks, how to look for warning signs that AD has been compromised, and steps to take in the event of an attack. You’ll come away from this seminar with guidelines for securing AD from cyberattacks, including:
- Identifying Indicators of Exposure (IoEs)
- Understanding changes that bypass security logs (including disabling or deleting logs or disabling agents that prevent injection attacks)
- Preparing for AD attack remediation
- Understanding limitations of native AD rollback capabilities
- Ensuring post-attack recovery doesn’t re-introduce malware
About the presenters:
Guido Grillenmeier | Chief Technologist, Semperis
Guido Grillenmeier is Chief Technologist with Semperis. Based in Germany, Guido has been a Microsoft MVP for Directory Services for 12 years. He spent 20+ years at HP/HPE as Chief Engineer. A frequent presenter at technology conferences and contributor to technical journals, Guido is the co-author of Microsoft Windows Security Fundamentals. He has helped various customers secure their Active Directory environments and supported their transition to Windows 10/M365 and Azure cloud services.
Jim Doggett | CISO, Semperis
High-energy leader focused on embedding risk management, security, and compliance into the business fabric to efficiently manage risks. Retired partner from EY where he spent 27 years helping clients through financial audits and building and sustaining security, risk and controls. Served as global leader of Information Risk and Resiliency for the Treasury and Security Services division of JP Morgan, Chief Security Officer (CISO) and Chief Technology Risk Officer for Kaiser Permanente, and Chief Technology Risk Officer and CISO for AIG. Subsequently, helped start up Panaseer in building the first continuous controls monitoring platform (remain as Board Advisor) and presently CISO at Semperis.