Treat the Problems, Not the Symptoms: Baby Steps to a More Secure Active Directory Environment

Presented at BSidesSF 2019, March 4, 2019, 4:10 p.m. (30 minutes)

Since it was introduced twenty years ago, Active Directory has become a major security concern for the majority of enterprises. In spite of the enormous amounts of money spent on defense security products, it is very hard to efficiently protect large domain environments that span across multiple domains and forests. In this presentation we will offer an alternative view on Active Directory security with a strong focus on actionable steps security teams can take to improve their domain security. After a short overview of the current attack trends, we will explore why most defensive products deployed today are not enough to secure complex multi-domain environments and what additional measures security teams should take to better protect their infrastructure.


Presenters:

  • Yaron Shani
    Yaron Shani has been working in the security field for the last 8 years. He is currently senior researcher at XM Cyber, researching how to attack and mitigate popular threat actors trends in large enterprise network. His past work was ranging from reversing embedded systems, developing new anti-anti debugging techniques, kernel debugging, and red teaming. In his free time, Yaron likes to design and 3D print stuff, design and develop IOT devices, process 3D images, and make fun electronics projects.
  • Igal Gofman
    Igal Gofman is a head of security Research at XM Cyber. Igal has a proven track record in network security, research-oriented development, and threat intelligence. His research interests include network security, intrusion detection, operating systems, and active directory. Prior to XM Cyber, Igal worked as a security researcher at Microsoft and a Threat Response Team Lead at Check Point Software Technologies leading the development of the intrusion detection system. Igal has spoken at various security conferences including DEFCON and BlueHat.

Links:

Similar Presentations: