Active Directory has been providing critical services and infrastructure to nearly every company, organization and even government agencies since Y2k. AD has grown with us, both in functionality and security but so have the attackers. Since AD contains information about all of our users – both standard and admins, touches and controls access to most of our critical resources and intellectual property, and has been extended to the cloud, it is still a prime target for attack and exploit.
This session will discuss some of the modern exploits as well as legacy attacks that still produce results for attackers. We will discuss the creativity of the attackers and simple ways and technology that will make the attack avenues useless, prevent the AD breaches, and keep information safe.