AD Rollback and Recovery When I worked as an Active Directory (AD) Architect for over a decade, one of the most challenging tasks I experienced was the inability to easily and safely undo the mistakes administrators and I made. While Microsoft does provide some capabilities for recovering deleted objects with the AD recycle bin, it […]
AD Security Assessment Active Directory security is a hot topic. Some security professionals have made their living by uncovering vulnerabilities in directory services. Take for instance, Sean Metcalf at ADSecurity.org. He has an entire blog focused on Active Directory security. What tends to be lacking, however, is an easy-to-follow Security Assessment that highlights critical areas […]
2017 – A New Hope Protecting your company in 2017 should start from the inside out. Organizations have spent the last decade securing the perimeter from external threats with a fair amount of success. However, in the last couple years one of the most serious threats to cybersecurity stepped to the fore: the Insider. StaySafeOnline.org […]
The year 2016 is being called the Year of the Breach. A recent study by the Ponemon Institute shows that two-thirds of organizations affected by a cyber breach are unable to recover from the attack. Imagine these organizations – so many of them – ceasing to operate one by one as wanton and malicious cyber-attacks […]
StealthAUDIT is offering an exciting update on Wednesday with its first official Feature Pack. In this first feature pack, we are focusing on Active Directory and Systems Best Practices for Security and Operations. Let’s look at each in more detail. Active Directory Best Practices Active Directory (AD) provides authentication and authorization services for the majority […]
Active Directory Operations and Security As the primary authentication and authorization service for the majority of IT systems, the importance of Microsoft’s Active Directory (AD) cannot be understated. Over time, AD has grown increasingly complex, less secure, and more difficult to manage, resulting in a growing problem for organizations large and small. Given its importance, […]
Can They Access Sensitive Data? Businesses are facing unique challenges related to “privileged accounts,” accounts that are built into applications or systems with privileges that normal users do not have. Privileged accounts can also be created by administrators to manage specific applications, run services, execute tasks, and control file systems. Such privileged accounts are necessary […]
Group Policy is a native Microsoft technology. It allows organizations running Active Directory to centrally control and configure both user and computer settings to domain-joined machines. Group Policy allows administrators to make sweeping changes to all aspects of connected operating systems, including the Registry, for example. When implemented properly, this technology simplifies overall operating system […]
The 2016 Verizon DBIR is an all-encompassing look at a years’ worth of cyber related attacks. The most compelling statistic from the 2016 report states that in 93% of cases it only took an attacker minutes to compromise systems and networks, but weeks or months for the affected company to even realize that an incident […]
Several lessons can be learned from the spotlight that has been turned on Mossack Fonseca. For those of you just coming up to speed on “The Panama Papers”, Mossack Fonseca became a victim of a massive data breach. I use the term victim with a grain of salt as what the papers actually revealed about […]
Start a Free Stealthbits Trial!
No risk. No obligation.