Hybrid Identity Protection
Categories
- Active Directory Backup & Recovery (56)
- Active Directory Security (178)
- AD Security 101 (15)
- Community Tools (17)
- Directory Modernization (9)
- From the Front Lines (67)
- Hybrid Identity Protection (59)
- Identity Attack Catalog (9)
- Identity Threat Detection & Response (120)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (13)
- Threat Research (47)
- Uncategorized (1)
Meet Silver SAML: Golden SAML in the Cloud
- Tomer Nahum and Eric Woodruff
- Feb 29, 2024
Key findings Golden SAML, an attack technique that exploits the SAML single sign-on protocol, was used as a post-breach exploit, compounding the devastating SolarWinds attack of 2020—one of the largest breaches of the 21st century. The supply chain SolarWinds attack affected thousands of organizations around the world, including the U.S.…
How to Defend Against an Overpass the Hash Attack
- Daniel Petri
- Feb 09, 2024
In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need for plaintext passwords. Instead, an Overpass the Hash attack employs a user's hash to authenticate and potentially escalate privileges. As…
MFA for Active Directory: An Overview
- Sean Deuby
- Feb 02, 2024
Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes it more difficult for attackers to compromise your network. Multifactor authentication (MFA) is one of these layers. MFA has many…
NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)
- Daniel Petri
- Jan 23, 2024
Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system for most organizations: a critical part of your infrastructure, and a prime target for cyberattackers. This week, I’ll discuss the…
NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 2)
- Daniel Petri
- Jan 17, 2024
When it comes to cybersecurity—especially the security of critical identity infrastructure—the minimum expectation for every organization should be closing known vulnerabilities and configuration gaps. Welcome to the second of our three-part discussion of how the CISA and NSA top ten cybersecurity misconfigurations list applies to hybrid Active Directory environments and…
NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective
- Daniel Petri
- Jan 09, 2024
Late last year, the United States National Security Agency's (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a list of the most common vulnerabilities in large computer networks. This list of CISA and NSA top ten cybersecurity misconfigurations reveals systemic weaknesses, particularly in (though not limited to) Microsoft Windows…
4 Reasons to Increase Recoverability of Entra ID Resources
- Tuna Gezer
- Dec 01, 2023
By now it’s well known that cyberattackers consider Active Directory their favorite target. AD—the primary identity store for 90% of businesses worldwide—was built for efficient user authentication and access management, but many legacy on-premises AD environments have risky misconfigurations that have accumulated over time. By exploiting AD security gaps, attackers…
Semperis Offers New Protection Against Okta Breaches
- Semperis Research Team
- Aug 30, 2023
In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and Entra ID (formerly Azure AD). But identity protection is just as vital for organizations that use Okta, a cloud-based identity…
