Identity Threat Response with Brian Desmond

By Sean Deuby November 04, 2022 | Active Directory Recovery

Identity threat response—the initial aspect of ITDR—is gaining importance as cyberattackers continue to find new ways into victims’ environments. I recently spoke with Brian Desmond, Principal at Ravenswood Technology Group, about his experience helping organizations secure identity and protect and recover critical identity assets like Active Directory (AD).

“Anything that can exert control over the whole environment, over identities…we really want to figure out how we can put a ring around it and limit how control can be exerted,” says Brian. That includes implementing MFA, but it goes far beyond such precautions.

“If all [MFA providers] protect are remote desktop sessions or local logons, that’s great, that makes you feel good,” Brian notes. “But at the end of the day, that’s probably not how your stereotypical bad guy is going to abuse things.”

Identity threat protection and AD

With increases in remote workers and the complications inherent to hybrid AD environments, it’s no wonder ITDR solutions are gaining traction. “We continue to see things like customers with hundreds of domain admins…customers with shared service accounts in the Domain Admins group because that was the only way they could get things to run,” Brian explains. “We see people … who are running on out-of-support or unpatched domain controllers…these things are so prevalent.”

What types of questions should security pros be asking? Listen to this episode of the Hybrid Identity Protection (HIP) Podcast to learn more.

Want more Hybrid Identity Protection?

Launched in April 2020, the HIP Podcast is the premier podcast for cybersecurity pros charged with defending hybrid identity environments. In each episode, I interview some of the industry’s most knowledgeable—and interesting—experts. The HIP Conference expands this experience with hands-on learning from some of today’s premier identity security experts.

Learn more about ITDR and identity threat response

The term “ITDR” might be new, but our dedication to hybrid identity threat detection and response isn’t. Check out these resources for more information:

About the author
Sean Deuby
Sean Deuby Director of Services
Sean brings 30 years’ experience in enterprise IT and hybrid identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity since its inception. Since then, his experience as an identity strategy consultant for many Fortune 500 companies gives him a broad perspective on the challenges of today's identity-centered security. Sean is an industry journalism veteran; as former technical director for Windows IT Pro, he has over 400 published articles on AD, hybrid identity, and Windows Server. Linkedin
Unlock cyber resilience. Get a demo