Active Directory Security
Categories
- Active Directory Backup & Recovery (64)
- Active Directory Security (224)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (68)
- Identity Attack Catalog (32)
- Identity Threat Detection & Response (149)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (5)
- The CISO's Perspective (16)
- Threat Research (68)
- Uncategorized (1)
What You Need to Know about SEC Regulation S-P Requirements and Active Directory
- James Doggett | Semperis CISO
- Dec 18, 2024
CISOs in the financial sector have another new regulatory challenge to contend with. Earlier this year, the U.S. Securities and Exchange Commission (SEC) adopted new cybersecurity incident response and disclosure rules, demanding new approaches to disaster recovery planning. For affected organizations, the new SEC Regulation S-P requirements demand a new…
Zerologon Exploit Explained
- Huy Kha | Senior Identity & Security Architect
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC). This flaw is known as Zerologon—a vulnerability that can give attackers full control over a domain. What is…
Active Directory Security Measures for U.S. State and Local Government and Education
- Edward Amoroso
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Broad cybersecurity support encompasses a wide variety of obligations, ranging from compliance documentation to user training. But the most challenging—and essential—aspect of Microsoft Active Directory (AD) security involves the detection of attacks, before, during, and…
The Role of Active Directory in U.S. Public Sector Cybersecurity
- Edward Amoroso
[Editor's note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Any observer of public sector cybersecurity will recognize the serious challenges in information technology (IT) protections for U.S. public sector agencies over the past few decades. Major incidents, such as the 2015 data breach at…
Password Spraying Detection in Active Directory
- Huy Kha | Senior Identity & Security Architect
Password spraying detection is a vital ability for all organizations. In a password spraying attack, the attacker attempts to gain unauthorized access by trying a few common or weak passwords across many accounts rather than targeting a single account with many passwords. The idea is to test several passwords, hoping…
The 5 Pillars for DORA Compliance in Active Directory
- Daniel Lattimer | Area Vice President - EMEA West
The Digital Operational Resilience Act (DORA) is an incoming European Union (EU) legislative framework aimed at fortifying the operational resilience of digital systems within the financial sector. All finance entities that operate in or with the EU need to achieve DORA compliance by early 2025, as do information and communication…
Cohesity and Semperis Provide Unmatched Cyber Resilience for Business-Critical Data
- Nico Devoti | Senior Director, Technology Alliances
An organization’s data is one of its most valuable assets—and a prime target for cyberattackers, who prove time and again that their victims will pay large ransom sums to get exfiltrated data back. According to Semperis’ 2024 Ransomware Risk Report, 78% of organizations that were hit by a ransomware attack…
Hello, My Name Is Domain Admin
- Mickey Bresman
My friends know I'm a movie buff. Being also a mixed martial enthusiast, one of my all-time favorites is Fight Club, based on Chuck Palahniuk's first novel. The story is about an identity crisis: rebelling against consumerism, trying to find truth and meaning in life, and becoming a "real" person…
