Presented at
TROOPERS17 (2017),
March 23, 2017, 4 p.m.
(Unknown duration)
Active Directory holds as the main authentication backend in nearly every organization the keys to the "crown jewels". At the same time, Active Directory is heavily targeted by attackers that are using powerful, over many years sophistically evolved and publicly available frameworks and tool sets. Unfortunately, defense of Active Directory environments overlooks often some typical design, implementation, configuration and operational mistakes. In this talk, we focus on 11 typical ‘mistake areas' that we identified as a result of Active Directory assessments over may years and we describe how to avoid or fix them.
Presenters:
-
Heinrich Wiederkehr
Heinrich Wiederkehr is a Security Consultant at ERNW and part of the Microsoft security team. He focuses on research, conception und assessment in various areas of Windows-based environments. Apart from security trainings, his work concentrates on audits and pentests of large-scale enterprise networks with emphasis on Active Directory. A wide variety of projects for different customers give him a solid awareness of the practical realities and an eye for essentials. Heinrich holds a Bachelor degree in Corporate & IT Security at University of Applied Sciences Offenburg.
-
Friedwart Kuhn
Friedwart Kuhn is a renowned expert for Active Directory security and has performed a huge number of projects both in the concept and design space and in the pentesting and incident analysis field.
Links:
Similar Presentations: