Security News > 2021 > September > What is AS-REP Roasting attack, really?
It is vital to ensure passwords are not found in a breached password database as breached password lists are used to crack passwords extracted using the AS-REP Roasting attack.
Enforcing effective password policies and using a breached password protection solution for Active Directory is essential to ensure your environment is not vulnerable to Kerberos attacks such as AS-REP Roasting.
Effective password policies help ensure users are using strong passwords that are not easily guessed or otherwise easy to attack with brute force or other common password attacks.
Recently, Specops released the next iteration of Breached Password Protection with Live Attack Data.
The Live Attack Data comes from a global honeypot solution used by Specops to gather the passwords that are used in live brute force attacks.
One of the best ways organizations can defend themselves is to have good password policies in place along with breached password protection, as attackers often use breached password databases in an AS-REP Roasting attack.