The IT infrastructure of many small businesses as well as large corporates is based on Microsoft Active Directory. Active Directory is the central component for a variety of aspects including authentication of users, providing authorization to resources, and enforcement of security policies. With these functionalities Active Directory constructs the digital foundation of your business.
The complexity of Active Directory combined with the organic growth of businesses often leads to the introduction of security weaknesses. These can go unnoticed for years, until the moment an attacker or a piece of malware manages to get a foothold in the network. At that moment, these weaknesses in Active Directory can suddenly become a convenient escalation path from a user with limited privileges to an almighty administrative user who directly or indirectly has full access to all of the business's (critical) systems and crown jewels.
A quick win for any organization is to perform an evaluation of the security of Active Directory to identify and fix the unintended escalation paths that most likely exist. This results in a much more resilient Active Directory setup, blocking attackers at the perimeter.
Throughout my career I have performed numerous Red Team exercises during which I have consistently used Active Directory to identify and abuse escalation paths to get to the crown jewels. Besides that, I am regularly performing research on Active Directory in my lab environment to get an in-depth understanding from a sysadmin perspective. Furthermore, over the years I have performed a variety of Active Directory security analysis assignments and developed a methodology to systematically evaluate the various aspects of Active Directory security.
In case you are wondering what the resilience of your organization’s Active Directory is, get in touch and let’s discuss how I can help you get your Active Directory better under control!