Beyond The MCSE: Active Directory for The Security Professional.

by Sean Metcalf Sept. 14, 2017 via www.blackhat.com submitted by belen_caty

Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, authentication, and management capabilities. This means that both Red and Blue teams need to have a better understanding of Active Directory, it's security, how it's attacked, and how best to align defenses. This presentation covers key Active Directory components which are critical for security professionals to know in order to defend AD. Properly securing the enterprise means identifying and leveraging appropriate defensive technologies. The provided information is immediately useful and actionable in order to help organizations better secure their enterprise resources against attackers. Highlighted are areas attackers go after including some recently patched vulnerabilities and the exploited weaknesses. This includes the critical Kerberos vulnerability (MS14-068), Group Policy Man-in-the-Middle (MS15-011 & MS15-014) and how they take advantages of AD communication.

https://www.blackhat.com/us-16/briefings.html#beyond-the-mcse-active-directory-for-the-security-p...

Avatar
Steven Ulm 4 weeks, 1 day ago

Mhm, not sure I totally can agree with this... the approach towards MCSE should slightly different.

Reply