How to Crack an Active Directory Password in 5 Minutes or Less

The massive Equifax data breach compromised sensitive information for roughly 143MM people and is a sobering reminder that security flaws still exist in most organizations. The fact is that most enterprises use Active Directory as the cornerstone of their IT systems and, while AD can be configured in a very secure way, it runs on […]

The Top 5 Things to Know About the Latest Cyber Attacks

The latest rash of cyber attacks has both IT experts and C-level executives wanting to, well, cry. Malware, such as WannaCry and Petya/NotPetya, has been taking enterprises hostage across the globe, encrypting files and holding them ransom in exchange for money. The result? Network outages, debilitated health care institutions, delayed invoicing and shipments, and millions […]

Active Directory as A Target: Why AD Defense Is More Critical Than Ever

We can start with the obvious. Active Directory is the cornerstone of an increasing number of business functionalities, and every year more work hinges on stable AD operability. AD access is also a gateway to a lot of your organization’s information. It’s known that there is no such thing as an attack-proof organization, and according […]

NIST joins Microsoft in Changing How We Should Think About Passwords

On the heels of Microsoft’s updated password recommendations, the National Institute for Standards and Technology (NIST) has come out with its own updated password guidelines. These recommendations parallel many of Microsoft’s recommendations and thus give them extra credibility; in some areas they go further. When two major security industry influencers independently come to such similar […]

When you should use Azure MFA and when you should use MFA Server

One of the most common security-related trends I’m seeing with customers is an interest in adding multifactor authentication (MFA) to both their new and existing solutions. This trend is usually driven by a need to increase overall security, or to satisfy regulatory requirements. As a hybrid service, Microsoft’s Azure Multifactor Authentication (MFA) service has both […]

Microsoft upends traditional password recommendations with significant new guidance

Based on research gleaned from literally billions of login attempts to its Azure cloud service, Microsoft updates its password recommendations – and throws out several long-held industry best practices. Microsoft has recently published a white paper, “Microsoft Password Guidance” that explains their new password guidance, based on the massive amount of data they’re collecting at […]

SaaS Passwords Are Like Cockroaches

And in the case of passwords, each one – especially each forgotten one – is a little security risk scurrying around in the shadows. You may think you have gotten rid of them (or at least reduced them to a manageable amount), but they still keep popping up. And as we all know, SaaS applications, […]

8 Situations That Put Your Active Directory At Risk

Active Directory Domain Services (AD DS) has grown to be a marvelously reliable, highly scalable, and fault tolerant core component of your company’s IT infrastructure. It generally works quite well without requiring a lot of attention. But the AD DS admin must put in extra work to take the service from a “working well on […]