Obstacles and threats organizations face when protecting AD

2021-10-06 05:00

Attivo Networks announced the availability of a research report conducted by Enterprise Management Associates which focuses on Active Directory, exploring the obstacles and threats organizations face when protecting AD and how they adapt to address these growing concerns.

As evidence of the value that attackers place in exploiting Active Directory and the privileges it contains, the report revealed that 50% of organizations experienced an attack on Active Directory in the last 1-2 years, with over 40% indicating the attack was successful.

An equally troubling finding was that penetration testers successfully exploited AD exposures 82% of the time, which suggests that actual attack findings may be underrepresented due to lack of visibility to exploits.

Most organizations plan to increase investment in protecting AD. In response to Active Directory being under siege, 86% of organizations plan to increase investment in protecting AD. They cite the increased prevalence of AD attacks, an increase in remote or work-from-home activity, an expansion of cloud usage, and prevalence of advanced attacks, such as ransomware 2.0, as top reasons for doing so.

Nearly two-thirds indicated that they employ AD attack detection tools and endpoint detection and response tools, while just over half use antivirus/endpoint protection platforms.

"The main challenges to protecting Active Directory are detecting live AD attacks, the lack of visibility into the AD environment, and the necessary coordination of communicating AD security across multiple teams," said Carolyn Crandall, chief security advocate at Attivo Networks.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/laF8FK4RKIQ/

#threat