Active Directory Security Best Practices. Top 11 Security Mistakes in Active Directory and How to Avoid Them
Active Directory holds as the main authentication backend in nearly every organization the keys to the “crown jewels”. At the same time, Active Directory is heavily targeted by attackers that are using powerful, over many years sophistically evolved and publicly available frameworks and tool sets. Unfortunately, defense of Active Directory environments overlooks often some typical design, implementation, configuration and operational mistakes. In this talk, we focus on 11 typical ‘mistake areas’ that we identified as a result of Active Directory assessments over may years and we describe how to avoid or fix them.