Active Directory security
In this directory security resource, experts provide insights and best practices around Active Directory security and LDAP, and also offer tips on how to install AD and LDAP, setup, configuration, tools, users and monitoring.
Top Stories
-
Answer
19 Apr 2023
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
-
Guest Post
15 Apr 2021
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
-
Definition
18 Nov 2022
single sign-on (SSO)
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications. Continue Reading
-
Guest Post
15 Apr 2021
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
-
Feature
31 Aug 2020
Securing Active Directory also involves good backup practices
The 'Active Directory Administration Cookbook' covers what admins can do in advance to bring the identity and access management platform back online after an attack. Continue Reading
-
Tip
08 Jul 2020
Active Directory replication troubleshooting tips and tools
When replication between domain controllers breaks down, just about everything else will grind to a halt. These utilities can help pinpoint the Active Directory issues. Continue Reading
-
News
24 Apr 2020
Emsisoft: U.S. ransomware attacks declined during pandemic
In the first quarter of 2020, the number of successful ransomware attacks on government and healthcare organizations in the U.S. decreased to a level unseen in years, Emsisoft said. Continue Reading
-
Tip
08 Apr 2020
Active Directory nesting groups strategy and implementation
Does your current Active Directory permissions setup spark joy? If not, then it's time to unscramble that confusing design into something that's easier to use and maintain. Continue Reading
-
News
19 Jul 2019
Enzoic for Active Directory brings continuous password protection
Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords. Continue Reading
-
Tip
24 Jun 2019
How to locate privileged accounts in Active Directory
IT administrators must be able to identify privileged accounts in Active Directory for a more secure enterprise; two methods can make the task easier. Continue Reading
-
Tip
30 Nov 2018
Stay in control with these Active Directory basics
Administrators have an ever-increasing number of resources to handle and permissions to track, but they can cut this seemingly impossible task down to size with Active Directory. Continue Reading
-
Tip
16 Nov 2018
Understanding what Azure AD federation really means
A company that adopts SaaS apps to get work done can ease the transition by implementing a single sign-on method. Learn how to set up this arrangement in a secure manner. Continue Reading
-
Quiz
17 Oct 2018
Can this Active Directory quiz stump you?
How much do you know about Active Directory? Find out with this Active Directory quiz on the service's basics, structure and capabilities. Continue Reading
-
Tutorial
10 Oct 2018
How to manage Active Directory groups with 7 PowerShell commands
Managing users, devices and other resources with Active Directory doesn't always require a GUI tool. Try PowerShell to streamline some of your administrative workload. Continue Reading
-
News
27 Sep 2018
Microsoft wants to eliminate passwords -- and there's an app for that
At its Ignite 2018 conference, Microsoft declared an end to the password era and extended support for its Microsoft Authenticator app to Azure AD-connected apps. Continue Reading
-
Answer
21 Aug 2018
Understand Active Directory basics for enterprise success
You can't get the most out of a tool unless you understand its features. This tip explains the basics of Active Directory and how it controls access and maintains order. Continue Reading
-
Tip
20 Jul 2018
How a bastion forest limits exposure of admin privileges
A Windows Server 2016 feature called a bastion forest is the centerpiece of Microsoft's privileged access management model that limits the exposure of admin rights. Continue Reading
-
News
20 Jul 2018
Microsoft launches Identity Bounty Program, offers up to $100,000
Microsoft introduced its new Identity Bounty Program that offers up to $100,000 in rewards for reported vulnerabilities in its identity services, such as Azure Active Directory. Continue Reading
-
Tip
01 May 2018
How the BloodHound tool can improve Active Directory security
Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help. Continue Reading
-
Tip
02 Apr 2018
Azure AD B2B offers a secure way to grant external access
Organizations that open up their resources to external users can restrict access using the Azure AD B2B service with minimal effort on the part of the administrators. Continue Reading
-
Answer
20 Dec 2017
QakBot malware: How did it trigger Microsoft AD lockouts?
QakBot malware triggered hundreds of thousands of Microsoft Active Directory account lockouts. Discover the malware's target and how these attacks are being carried out. Continue Reading
-
News
15 Dec 2015
Old Microsoft Kerberos vulnerability gets new spotlight
A new blog post detailed authentication vulnerabilities in Microsoft Kerberos that cannot be patched and could lead to attackers having free rein over systems. Continue Reading
-
Tip
01 Jun 2015
A Windows Server 2016 Group Policy walkthrough
Administrators who work with Group Policy will appreciate that the structure hasn't changed in Windows Server 2016, but there are new policies unique to the release worth noting. Continue Reading
-
Tip
09 Nov 2010
User provisioning best practices: Access recertification
User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification process in this tip from IAM expert Randall Gamby. Continue Reading
-
Answer
26 Jul 2007
How secure is the Windows registry?
In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives. Continue Reading