On the RADAR - Rearchitecturing of the Active Directory Adversary Resilience Methodology
To give better recommendations on how to improve security in Active Directory, moving to a data-driven method is key. The Adversary Resilience Methodology shows us how we can achieve this with BloodHound, but it is currently hard to use and illustrate. By introducing a few extensions to the BloodHound database, along with some clever techniques, we can see, blazingly fast, exactly which mitigations impact the paths an attacker can take in the AD. This gives us the ability to know exactly what our mitigations will do in the environment before we even propose them!