Ten Simple
Do we know exactly who can enact the following privileged tasks in our Active Directory?
Escalate privilege in Active Directory
Run Mimikatz DCSync against an Active Directory domain
Change the membership of any/all Active Directory security groups
Reset the passwords of any/all Active Directory user and computer accounts
Modify the ACLs protecting any/all Active Directory objects, e.g. AdminSDHolder
Change the ownership of any/all Active Directory objects, e.g. Enterprise Admins
Link a GPO to any/all OUs, e.g. the default Domain Controllers OU, or to the domain root
Create, manage, modify or delete domain user accounts, computer accounts and security groups
Create, manage, modify or severe trust relationships and connections to the Cloud e.g. Microsoft Azure
Modify critical Active Directory operational data in the Active Directory Configuration and Schema partitions
No Active Directory deployment in the world can be secured without knowing exactly who can enact these privileged tasks in Active Directory.
Every organization operating on Active Directory must know the answers to these ten simple, fundamental and paramount questions.
These questions can now be answered at the touch of a button by every single organization in the world.
Our Global Customers
Corporate Headquarters
620 Newport Center Drive, Suite 1100
Newport Beach, CA. 92660. USA.
Telephone: 001-949-468-5770
