IT Wire: Why deception rules in the defence of Active Directory
Reading Time: < 1 | Published: March 31, 2020 in Attivo News
Tags: Active Directory, cybersecurity, deception
A long time target for adversaries, Active Directory is getting a long-awaited defensive makeover.
…
One of the most common targets for attackers is Microsoft’s Active Directory (AD). Microsoft launched AD in the late ‘90s, and it quickly became the standard in the identity management market.
By design, AD holds and shares information on the network to regulate users and machines accessing the company’s resources. It is also vital to remember that every computer on the company’s network can talk (has access) to the AD, making it a frequent target for attackers. Once attackers have access to AD, they can quickly identify which accounts to target and that have access to endpoints to compromise for information of interest.
Deception technology makes it such that defenders no longer have to be right all the time. They can stop attackers at the door or sow enough confusion to slow their progress – give them pause, make them think and encourage them to misstep. It’s a change in the defensive posture, but one that’s already making a significant difference to defenders everywhere.
Read the full article by Jim Cook, Attivo Networks.
Share on:
Continue Reading
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
Newsletter Signup
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise