7MS #360: Active Directory Security 101 - Part 2


Manage episode 231982821 series 1288763
By Brian Johnson. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

This episode of the 7 Minute Security podcast is brought to you by Netwrix. Netwrix Auditor empowers IT pros to detect, investigate and resolve critical issues before they stifle business activity, and proactively identify and mitigate misconfigurations in critical IT systems that could lead to downtime. For more information, visit netwrix.com.

In today's program we continue a series on fundamental Active Directory security that we started back in episode 327. I took all the things I talked about in that episode, as well as the new additions discussed today:

  • Finding your most vulnerable AD abuse paths with BloodHound. For a two-part pentest tale showing how BloodHound can be used/abused by attackers, check out episodes 353 and 354.

  • Get a deep-dive look at your AD machines, users, shares, OS versions and more with Network Detective.

  • How to de-escalate local admins (and prevent them from over-using/abusing the use of their privileged account)

  • Although I haven't tested it yet, Logging Made Easy looks like an awesome and free way to get some entry-level logging setup in your environment. Can't wait for a good lab day to play!

Here are ALL the AD Security 101 tips in a delicious [gist].

381 episodes