A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Active Directory Security: Beyond the Easy Button - Sean Metcalf Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Active Directory Security: Beyond the Easy Button
Sean Metcalf
Derbycon 2019

Active Directory security has come to the forefront in the past few years, with more research & conference talks covering the issues. Many organizations have moved through the standard steps of limiting what accounts have administrative rights, configuring security tools, & optimizing visibility in their SIEM. So, what's next? This talk is focused on the items that greatly improve enterprise security that are the next steps that should be done (beyond the basics), & why they should, which often aren't. The action items required to consider an AD environment as "secure" are clearly outlined and identified. Visiting ADSecurity.org is only the beginning... :)

Sean Metcalf is founder & principal consultant at Trimarc (Trimarc.io), a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a Microsoft MVP, and has presented on Active Directory attack & defense at many security conferences (Black Hat, DEFCON, DerbyCon, etc). He currently provides security consulting services to customers and posts interesting Active Directory security information at ADSecurity.org.

@PyroTek3

Back to Derbycon 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


    If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

    Copyright 2019, IronGeek
    Louisville / Kentuckiana Information Security Enthusiast