Semperis Launches Ready1 to Transform Cyber Crisis Response
Back to blogs listing

Active Directory Security

Categories

Featured Articles

How to Automatically Undo Risky Changes in Active Directory
  • Huy Kha | Senior Identity & Security Architect
  • Apr 21, 2025
AD Security 101: GPO Logon Script Security
  • Daniel Petri | Senior Training Manager
AD Security 101: Non-Default Security Principals with DCSync Rights
  • Daniel Petri | Senior Training Manager

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
BadSuccessor: How to Detect and Mitigate dMSA Privilege Escalation

BadSuccessor: How to Detect and Mitigate dMSA Privilege Escalation

  • Semperis Team
  • Jun 05, 2025

The BadSuccessor Active Directory attack technique exploits a dangerous Windows Server 2025 vulnerability. Learn how DSP indicators of exposure and compromise enable you to proactively halt malicious activity.

What is Identity Attack Surface Management?

What is Identity Attack Surface Management?

  • Daniel Petri | Senior Training Manager
  • May 23, 2025

A specialized identity attack surface management (IASM) practice is not optional. It’s a fundamental necessity for organizations that rely on identity services like Active Directory.

Exploiting the Intruder’s Dilemma for Active Directory Defense

Exploiting the Intruder’s Dilemma for Active Directory Defense

  • Huy Kha | Senior Identity & Security Architect
  • May 20, 2025

Can you create an AD defense that exploits intruder attack techniques? Learn how to selectively use an attacker’s own methods to detect and expel them.

Top 10 Active Directory Risks IFIR Has Caught in the Wild

Top 10 Active Directory Risks IFIR Has Caught in the Wild

  • Huy Kha | Senior Identity & Security Architect
  • May 15, 2025

Identity Forensics and Incident Response prioritizes business resilience, starting with understanding threats and reducing the attack surface. Tackle these 10 common AD risks now to strengthen your identity security.

Group Policy Preferences Abuse Explained

Group Policy Preferences Abuse Explained

  • Huy Kha | Senior Identity & Security Architect
  • May 13, 2025

The Group Policy Preferences feature provides a well-known pathway for cyber attackers to discover easily decoded passwords in Active Directory. Learn to spot and defend against this vulnerability.

Defending Against Cable: Prevent Malicious Use of Post-Exploitation Tool

Defending Against Cable: Prevent Malicious Use of Post-Exploitation Tool

  • Huy Kha | Senior Identity & Security Architect
  • May 06, 2025

Post-exploitation tools—such as Cable, the Active Directory-specific pentesting tool—are meant to educate security teams. But attackers use them too. Here’s how to detect and defend against malicious use of the Cable tool.

ESC1 Attack Explained

ESC1 Attack Explained

  • Huy Kha | Senior Identity & Security Architect
  • May 01, 2025

Discover how certificate template misconfigurations in Active Directory Certificate Services (AD CS) enable ESC1 attacks—allowing cyber attackers to rapidly escalate privileges and potentially compromise entire networks.

AD Security: How to Use Delegation of User Management and Windows Password Options

AD Security: How to Use Delegation of User Management and Windows Password Options

  • Guido Grillenmeier | Principal Technologist, EMEA
  • Apr 29, 2025

Permission delegation in Active Directory can be complex. Learn how you can use Windows password options with delegation management to support your user management structure without sacrificing AD security.