Active Directory security news, help and research

Active Directory security News

March 04, 2021 04 Mar'21
Microsoft makes passwordless push in Azure Active Directory

To adapt to security challenges like remote work and increasingly sophisticated threats, Microsoft is building a passwordless ecosystem within Azure Active Directory.
January 20, 2021 20 Jan'21
FireEye releases new tool to fight SolarWinds hackers

The new tool, dubbed Azure AD Investigator, will help audit Microsoft 365 environments for techniques used by the nation-state actors behind the SolarWinds supply chain attack.
April 24, 2020 24 Apr'20
Emsisoft: U.S. ransomware attacks declined during pandemic

In the first quarter of 2020, the number of successful ransomware attacks on government and healthcare organizations in the U.S. decreased to a level unseen in years, Emsisoft said.
July 19, 2019 19 Jul'19
Enzoic for Active Directory brings continuous password protection

Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords.

Bring yourself up to speed with our introductory content

Organize a cloud IAM team to secure software-defined assets

Building a cloud IAM team with the necessary technical expertise and soft skills is key to securely managing IAM in complex cloud environments. Continue Reading
single sign-on (SSO)

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications. Continue Reading
Stay in control with these Active Directory basics

Administrators have an ever-increasing number of resources to handle and permissions to track, but they can cut this seemingly impossible task down to size with Active Directory. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Understanding what Azure AD federation really means

A company that adopts SaaS apps to get work done can ease the transition by implementing a single sign-on method. Learn how to set up this arrangement in a secure manner. Continue Reading
How does the CLDAP protocol DDoS amplification attack work?

DDoS amplification attacks that use the CLDAP protocol are a new threat to enterprises. Expert Matthew Pascucci explains how they work and how enterprises can protect themselves. Continue Reading
Making updates to your IAM framework

This Security School examines how security professionals should consider updating and adapting their IAM framework to work with emerging technologies. Continue Reading

Learn to apply best practices and optimize your operations.

Active Directory nesting groups strategy and implementation

Does your current Active Directory permissions setup spark joy? If not, then it's time to unscramble that confusing design into something that's easier to use and maintain. Continue Reading
How to locate privileged accounts in Active Directory

IT administrators must be able to identify privileged accounts in Active Directory for a more secure enterprise; two methods can make the task easier. Continue Reading
Set up users with key PowerShell Active Directory commands

User management in Active Directory doesn't have to fill you with click-induced anxiety. Try these PowerShell tips for a more efficient way to get this work done. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Securing Active Directory also involves good backup practices

The 'Active Directory Administration Cookbook' covers what admins can do in advance to bring the identity and access management platform back online after an attack. Continue Reading
Active Directory replication troubleshooting tips and tools

When replication between domain controllers breaks down, just about everything else will grind to a halt. These utilities can help pinpoint the Active Directory issues. Continue Reading
How to detect and defend against a TCP port 445 exploit and attacks

The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks. Continue Reading