Security News > 2021 > July > Podcast: Why Securing Active Directory Is a Nightmare

My guests today are Lee Christiansen and Will Schroeder, the SpecterOps researchers behind a recent report entitled Certified Pre-owned: Abusing Active Directory Certificate Servers, about attack paths in Microsoft Active Directory.

Will Schroeder: And the last thing I'll add on to that last kind of point is just the complexity of Active Directory along with, you know, how easy it can occasionally be to where one of the things we've seen and a term we've tried to help kind of push is misconfiguration debt, where we see Active Directory has been in an environment for a long period of time.

All three of us have been involved in securing and attacking Active Directory for a long, you know, a large number of years.

As an example, the research that Lee and I performed on Active Directory Certificate Services that we're talking about, at Black Hat, you know, introduces this whole additional, like attack surface that a lot of people didn't really fully know about or understand that's been around for decades, you know, this part of Active Directory and it provides a common way for organizations to misconfigure their environments in a different way that allows complete domain compromise.

Will Schroeder: You know a lot of security professionals, not all, but you know, many tend to focus on a particular attack or kind of whatever is new without holistically understanding, you know, the entire system of Active Directory and how it can really affect an organization with a lot of these new attacks.

A lot of people don't fully understand Astra directory, Certificate Services, even people that know Active Directory, you don't fully understand active directory certificate services.

News URL

https://threatpost.com/podcast-securing-active-directory-nightmare/168203/