Behind every breach is a (potentially) insecure Active Directory

Active Directory has become a favored target for attackers to elevate privileges and facilitate lateral movement through leveraging known flaws and misconfigurations.

AD is complex, and with new malware specifically targeting AD, the risk of a breach increases. The most common attack method, to date, is to take advantage of a combination of unpatched AD vulnerabilities and misconfigurations. By doing so, attackers can systematically exploit unpatched common vulnerabilities and exposures and remote access gateways to execute primo-infection. Next, attackers use misconfigurations in AD to move laterally through the network. Once they’ve gained some level of access, attackers escalate privileges while maintaining persistence in the network infrastructure. [source - Tenable AD blog post]

By adopting a more proactive stance towards AD-security, organisations will be able to shut down new threats to their Active Directory whenever they are uncovered.

On Tuesday March 21 @ 11:00 - 12:30 CET, experts from Tenable and Watchcom meet in Oslo to demonstrate and discuss how the Tenable.ad solution can assist you in protecting your organisation´s AD. Such a comprehensive real-time security strategy to find, prioritize, and remediate threats and misconfigurations will be essential to secure your AD proactively.

Tenable Active Directory Security offers a fast, frictionless (agentless), Active Directory security solution to visualize AD's involvement across the entire attack path.

With Tenable Active Directory Security you can:

• Pinpoint the highest risks and provide detailed remediation steps
• Visualize attack paths from any specific point of entry to eliminate privilege escalation
• Catch every change in your AD
• Identify the connections between AD changes and malicious actions