Identity Threat Detection & Response

AD Security 101: Domain Controller Security

  • Daniel Petri
  • May 05, 2023

For organizations that use Active Directory (AD), securing domain controllers (DCs) is an essential part of AD security. DCs are critical components of the IT infrastructure. These servers hold sensitive and security-related data, including user account information, authentication credentials, and Group Policy objects (GPOs). Naturally, then, DC security is an…

Identity Attack Watch: AD Security News, April 2023

  • Semperis Research Team
  • Apr 28, 2023

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

Identity Attack Watch: AD Security News, March 2023

  • Semperis Research Team
  • Mar 31, 2023

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

5 New Ways to Secure Active Directory and Azure Active Directory

  • Eitan Bloch
  • Mar 30, 2023

Securing Active Directory (AD)—the common target in 9 out of 10 cyberattacks—is difficult. Many organizations have legacy AD environments with accumulated misconfigurations that attackers love to exploit. And although 90% of organizations worldwide use AD as their primary identity store, Gartner research shows that only 33% have any sort of…

AD Security 101: SIEM Tools and AD Monitoring

  • Daniel Petri
  • Mar 23, 2023

Before we dive into technical tips that I mentioned in my previous post, I want to raise an important point. If you're relying solely on security information and event management (SIEM) tools for Active Directory (AD) security monitoring—especially against potential cybersecurity attacks—you might not be getting a complete picture of…

AD Security 101: AD Monitoring for Malicious Changes

  • Daniel Petri
  • Mar 09, 2023

Welcome to AD Security 101. This blog series covers essential aspects of Active Directory (AD) security, offering basic concepts, best practices, and expert advice. I’ll start with a short discussion of why AD security is so important. Then I’ll dive into the series with one of the first steps you…

3 Steps to Protect AD from Wiperware

  • Darren Mar-Elia
  • Feb 10, 2023

We’re barely a month into the new year, but wiperware is back in the news. DevPro Journal notes a “drastic increase” starting last year, likely driven by geopolitical conflict. What is wiperware—and how can you protect your organization? What is wiperware? Wiperware is often used as part of an advanced…

Identity Attack Watch: AD Security News, January 2023

  • Semperis Research Team
  • Jan 31, 2023

Cyberattacks targeting Active Directory are on the upswing, putting pressure on identity and Active Directory (AD) security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that…