Top 10 Ways to Improve Active Directory Security Quickly

Active Directory (AD) launched in the year 2000 and in the 20+ years since many things have changed, including attacker interest and ability to compromise AD.

Trimarc has been performing Active Directory Security Assessments (ADSAs) for more than 6 years and over this time we have assessed customer Active Directory security posture across industries in Active Directory forests with hundreds of users to over a million users. Based on this experience, we have a solid understanding of the easier or more straightforward things that customers of any size can do to improve their Active Directory security and this webcast provides us the opportunity to share this information and recommendations.

This Trimarc Webcast provides information about current AD attack methods attackers are leveraging to compromise Active Directory and 10 things you can do now to frustrate attackers. The goal of this presentation is to provide the best methods to improve Active Directory security quickly!

Learn about attacks like NTLM & Kerberos relay as well as KrbRelayUp along with real-world advice and guidance on how to mitigate these attacks.

Information is provided on the following key Active Directory security topics that are meant to help you increase the security posture of your AD environment today/this week with feasible and actionable recommendations on what to do as well as the attacks that these recommendations thwart.

Sean Metcalf, Trimarc Founder & Microsoft Certified Master in Active Directory, lead this Trimarc Webcast and is joined by Trimarc team members Tyler Robinson and Darryl Baker who help cover AD security attack and defense topics.

Note that this webcast is not meant to provide comprehensive AD security guidance. Instead, we focus on the "quick wins" that can enhance AD security in the short term. Trimarc plans to host a webcast in the future that will effectively be a "Part 2" to this one which covers the most important steps to hardening AD and greatly increase environment security (which tend to be more involved and take more time).

This Trimarc Webcast was live-streamed and recorded on June 23rd, 2022.

To learn more about Trimarc Security and to register for future live Webcasts visit https://trimarcsecurity.com
Follow Sean Metcalf on Twitter @Pyrotek3
Follow Trimarc on Twitter @TrimarcSecurity
Get the slides at:
https://www.hub.trimarcsecurity.com/p...

0:00 Start
8:52 Intro
11:30 Agenda
12:41 Modern AD Attacks
34:10 Limiting Password Attacks
37:48 Review AD Admins & Highly Privileged Service Accounts
42:01 ADCS Security Checks
45:40 Kerberos Delegation Security
50:00 Auditing Insecure Protocols & Dangerous Defaults
52:45 Limiting Local Admin Accounts
56:08 Domain Controller Security
1:02:48 The Path to Tier 0
1:04:40 The Trimarc Top Ten List
1:06:09 Conclusion
1:07:44 Q&A
Q&A