Quantifying Potential Lateral Movement Exposure for Privileged Accounts in Active Directory

Webinar Registration

Attackers have proven far too successful at starting with one little end-user account and laterally moving along until they gain privileged credentials and can do whatever they want and access whatever they want.

Preventive control technologies like strong authentication, privileged password management and red-forest (ESAE) are rightly getting a lot of attention but that’s just one important layer consisting of preventive controls. And usually you can’t enforce the technologies 100% across the board. 

In this real training for free session we will discuss a different defense layer of detective control you can implement around privileged accounts that reinforces those preventive controls where deployed and compensates where they aren’t.

We’re talking about measuring every dimension of potential lateral movement for privileged accounts including

  • Membership of built-in privileged groups
  • Members of nested groups
  • Users where their adminCount property > 0
  • Identifying privileged users via delegated permissions
  • Identify who can extend/expand privileged authority by
    • group membership
    • delegation of privileged permissions
    • password reset of privileged accounts
  • Endpoints
    • Already exposed to privileged credentials
    • Potential for exposure because of current logon rights

As you can see there are many dimensions to admin authority and if any one of them is too loose, you are increasing the potential for privileged credential theft by lateral movement.

Understanding all these dimensions is the first step, but the real value comes when you gain the visibility necessary to measure each of these dimensions in your environment. Even collapsing nested groups to get a flat list of all administrators can be time consuming much less analyzing the ACL of each object in AD to find delegated permission. So Matthew Vinton, from our sponsor Quest, will briefly show you how Quest Enterprise Reporter makes this easy.

Please join us for this real training for free session.

First Name:  
Last Name:  
Work Email:  
Phone:
Job Title:
Organization:
Country:  
Address:
City:
State:
Zip/Postal Code:
Public sector:
Company Size:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Upcoming Webinars
    Additional Resources