Identifying the Tier 0 Assets in Your Active Directory Environment is Step #1 in ITDR

1/30/2025 12:00:00 PM [(UTC-05:00) Eastern Time (US & Canada)] - Can't make the live event? Register anyway to receive a link to the recording.

Other Time Zones

GMT Standard Time-(UTC+00:00) Dublin, Edinburgh, Lisbon, London    1/30/2025 5:00:00 PM
Show/Hide All Time Zones

All Time Zones

Dateline Standard Time-(UTC-12:00) International Date Line West 1/30/2025 5:00:00 AM
UTC-11-(UTC-11:00) Coordinated Universal Time-11 1/30/2025 6:00:00 AM
Aleutian Standard Time-(UTC-10:00) Aleutian Islands 1/30/2025 7:00:00 AM
Hawaiian Standard Time-(UTC-10:00) Hawaii 1/30/2025 7:00:00 AM
Marquesas Standard Time-(UTC-09:30) Marquesas Islands 1/30/2025 7:30:00 AM
Alaskan Standard Time-(UTC-09:00) Alaska 1/30/2025 8:00:00 AM
UTC-09-(UTC-09:00) Coordinated Universal Time-09 1/30/2025 8:00:00 AM
Pacific Standard Time (Mexico)-(UTC-08:00) Baja California 1/30/2025 9:00:00 AM
UTC-08-(UTC-08:00) Coordinated Universal Time-08 1/30/2025 9:00:00 AM
Pacific Standard Time-(UTC-08:00) Pacific Time (US & Canada) 1/30/2025 9:00:00 AM
US Mountain Standard Time-(UTC-07:00) Arizona 1/30/2025 10:00:00 AM
Mountain Standard Time (Mexico)-(UTC-07:00) La Paz, Mazatlan 1/30/2025 10:00:00 AM
Mountain Standard Time-(UTC-07:00) Mountain Time (US & Canada) 1/30/2025 10:00:00 AM
Yukon Standard Time-(UTC-07:00) Yukon 1/30/2025 10:00:00 AM
Central America Standard Time-(UTC-06:00) Central America 1/30/2025 11:00:00 AM
Central Standard Time-(UTC-06:00) Central Time (US & Canada) 1/30/2025 11:00:00 AM
Easter Island Standard Time-(UTC-06:00) Easter Island 1/30/2025 12:00:00 PM
Central Standard Time (Mexico)-(UTC-06:00) Guadalajara, Mexico City, Monterrey 1/30/2025 11:00:00 AM
Canada Central Standard Time-(UTC-06:00) Saskatchewan 1/30/2025 11:00:00 AM
SA Pacific Standard Time-(UTC-05:00) Bogota, Lima, Quito, Rio Branco 1/30/2025 12:00:00 PM
Eastern Standard Time (Mexico)-(UTC-05:00) Chetumal 1/30/2025 12:00:00 PM
Eastern Standard Time-(UTC-05:00) Eastern Time (US & Canada) 1/30/2025 12:00:00 PM
Haiti Standard Time-(UTC-05:00) Haiti 1/30/2025 12:00:00 PM
Cuba Standard Time-(UTC-05:00) Havana 1/30/2025 12:00:00 PM
US Eastern Standard Time-(UTC-05:00) Indiana (East) 1/30/2025 12:00:00 PM
Turks And Caicos Standard Time-(UTC-05:00) Turks and Caicos 1/30/2025 12:00:00 PM
Paraguay Standard Time-(UTC-04:00) Asuncion 1/30/2025 2:00:00 PM
Atlantic Standard Time-(UTC-04:00) Atlantic Time (Canada) 1/30/2025 1:00:00 PM
Venezuela Standard Time-(UTC-04:00) Caracas 1/30/2025 1:00:00 PM
Central Brazilian Standard Time-(UTC-04:00) Cuiaba 1/30/2025 1:00:00 PM
SA Western Standard Time-(UTC-04:00) Georgetown, La Paz, Manaus, San Juan 1/30/2025 1:00:00 PM
Pacific SA Standard Time-(UTC-04:00) Santiago 1/30/2025 2:00:00 PM
Newfoundland Standard Time-(UTC-03:30) Newfoundland 1/30/2025 1:30:00 PM
Tocantins Standard Time-(UTC-03:00) Araguaina 1/30/2025 2:00:00 PM
E. South America Standard Time-(UTC-03:00) Brasilia 1/30/2025 2:00:00 PM
SA Eastern Standard Time-(UTC-03:00) Cayenne, Fortaleza 1/30/2025 2:00:00 PM
Argentina Standard Time-(UTC-03:00) City of Buenos Aires 1/30/2025 2:00:00 PM
Montevideo Standard Time-(UTC-03:00) Montevideo 1/30/2025 2:00:00 PM
Magallanes Standard Time-(UTC-03:00) Punta Arenas 1/30/2025 2:00:00 PM
Saint Pierre Standard Time-(UTC-03:00) Saint Pierre and Miquelon 1/30/2025 2:00:00 PM
Bahia Standard Time-(UTC-03:00) Salvador 1/30/2025 2:00:00 PM
UTC-02-(UTC-02:00) Coordinated Universal Time-02 1/30/2025 3:00:00 PM
Greenland Standard Time-(UTC-02:00) Greenland 1/30/2025 3:00:00 PM
Mid-Atlantic Standard Time-(UTC-02:00) Mid-Atlantic - Old 1/30/2025 3:00:00 PM
Azores Standard Time-(UTC-01:00) Azores 1/30/2025 4:00:00 PM
Cape Verde Standard Time-(UTC-01:00) Cabo Verde Is. 1/30/2025 4:00:00 PM
UTC-(UTC) Coordinated Universal Time 1/30/2025 5:00:00 PM
GMT Standard Time-(UTC+00:00) Dublin, Edinburgh, Lisbon, London 1/30/2025 5:00:00 PM
Greenwich Standard Time-(UTC+00:00) Monrovia, Reykjavik 1/30/2025 5:00:00 PM
Sao Tome Standard Time-(UTC+00:00) Sao Tome 1/30/2025 5:00:00 PM
Morocco Standard Time-(UTC+01:00) Casablanca 1/30/2025 6:00:00 PM
W. Europe Standard Time-(UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna 1/30/2025 6:00:00 PM
Central Europe Standard Time-(UTC+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague 1/30/2025 6:00:00 PM
Romance Standard Time-(UTC+01:00) Brussels, Copenhagen, Madrid, Paris 1/30/2025 6:00:00 PM
Central European Standard Time-(UTC+01:00) Sarajevo, Skopje, Warsaw, Zagreb 1/30/2025 6:00:00 PM
W. Central Africa Standard Time-(UTC+01:00) West Central Africa 1/30/2025 6:00:00 PM
GTB Standard Time-(UTC+02:00) Athens, Bucharest 1/30/2025 7:00:00 PM
Middle East Standard Time-(UTC+02:00) Beirut 1/30/2025 7:00:00 PM
Egypt Standard Time-(UTC+02:00) Cairo 1/30/2025 7:00:00 PM
E. Europe Standard Time-(UTC+02:00) Chisinau 1/30/2025 7:00:00 PM
West Bank Standard Time-(UTC+02:00) Gaza, Hebron 1/30/2025 7:00:00 PM
South Africa Standard Time-(UTC+02:00) Harare, Pretoria 1/30/2025 7:00:00 PM
FLE Standard Time-(UTC+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius 1/30/2025 7:00:00 PM
Israel Standard Time-(UTC+02:00) Jerusalem 1/30/2025 7:00:00 PM
South Sudan Standard Time-(UTC+02:00) Juba 1/30/2025 7:00:00 PM
Kaliningrad Standard Time-(UTC+02:00) Kaliningrad 1/30/2025 7:00:00 PM
Sudan Standard Time-(UTC+02:00) Khartoum 1/30/2025 7:00:00 PM
Libya Standard Time-(UTC+02:00) Tripoli 1/30/2025 7:00:00 PM
Namibia Standard Time-(UTC+02:00) Windhoek 1/30/2025 7:00:00 PM
Jordan Standard Time-(UTC+03:00) Amman 1/30/2025 8:00:00 PM
Arabic Standard Time-(UTC+03:00) Baghdad 1/30/2025 8:00:00 PM
Syria Standard Time-(UTC+03:00) Damascus 1/30/2025 8:00:00 PM
Turkey Standard Time-(UTC+03:00) Istanbul 1/30/2025 8:00:00 PM
Arab Standard Time-(UTC+03:00) Kuwait, Riyadh 1/30/2025 8:00:00 PM
Belarus Standard Time-(UTC+03:00) Minsk 1/30/2025 8:00:00 PM
Russian Standard Time-(UTC+03:00) Moscow, St. Petersburg 1/30/2025 8:00:00 PM
E. Africa Standard Time-(UTC+03:00) Nairobi 1/30/2025 8:00:00 PM
Volgograd Standard Time-(UTC+03:00) Volgograd 1/30/2025 8:00:00 PM
Iran Standard Time-(UTC+03:30) Tehran 1/30/2025 8:30:00 PM
Arabian Standard Time-(UTC+04:00) Abu Dhabi, Muscat 1/30/2025 9:00:00 PM
Astrakhan Standard Time-(UTC+04:00) Astrakhan, Ulyanovsk 1/30/2025 9:00:00 PM
Azerbaijan Standard Time-(UTC+04:00) Baku 1/30/2025 9:00:00 PM
Russia Time Zone 3-(UTC+04:00) Izhevsk, Samara 1/30/2025 9:00:00 PM
Mauritius Standard Time-(UTC+04:00) Port Louis 1/30/2025 9:00:00 PM
Saratov Standard Time-(UTC+04:00) Saratov 1/30/2025 9:00:00 PM
Georgian Standard Time-(UTC+04:00) Tbilisi 1/30/2025 9:00:00 PM
Caucasus Standard Time-(UTC+04:00) Yerevan 1/30/2025 9:00:00 PM
Afghanistan Standard Time-(UTC+04:30) Kabul 1/30/2025 9:30:00 PM
West Asia Standard Time-(UTC+05:00) Ashgabat, Tashkent 1/30/2025 10:00:00 PM
Qyzylorda Standard Time-(UTC+05:00) Astana 1/30/2025 10:00:00 PM
Ekaterinburg Standard Time-(UTC+05:00) Ekaterinburg 1/30/2025 10:00:00 PM
Pakistan Standard Time-(UTC+05:00) Islamabad, Karachi 1/30/2025 10:00:00 PM
India Standard Time-(UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi 1/30/2025 10:30:00 PM
Sri Lanka Standard Time-(UTC+05:30) Sri Jayawardenepura 1/30/2025 10:30:00 PM
Nepal Standard Time-(UTC+05:45) Kathmandu 1/30/2025 10:45:00 PM
Central Asia Standard Time-(UTC+06:00) Bishkek 1/30/2025 11:00:00 PM
Bangladesh Standard Time-(UTC+06:00) Dhaka 1/30/2025 11:00:00 PM
Omsk Standard Time-(UTC+06:00) Omsk 1/30/2025 11:00:00 PM
Myanmar Standard Time-(UTC+06:30) Yangon (Rangoon) 1/30/2025 11:30:00 PM
SE Asia Standard Time-(UTC+07:00) Bangkok, Hanoi, Jakarta 1/31/2025 12:00:00 AM
Altai Standard Time-(UTC+07:00) Barnaul, Gorno-Altaysk 1/31/2025 12:00:00 AM
W. Mongolia Standard Time-(UTC+07:00) Hovd 1/31/2025 12:00:00 AM
North Asia Standard Time-(UTC+07:00) Krasnoyarsk 1/31/2025 12:00:00 AM
N. Central Asia Standard Time-(UTC+07:00) Novosibirsk 1/31/2025 12:00:00 AM
Tomsk Standard Time-(UTC+07:00) Tomsk 1/31/2025 12:00:00 AM
China Standard Time-(UTC+08:00) Beijing, Chongqing, Hong Kong, Urumqi 1/31/2025 1:00:00 AM
North Asia East Standard Time-(UTC+08:00) Irkutsk 1/31/2025 1:00:00 AM
Singapore Standard Time-(UTC+08:00) Kuala Lumpur, Singapore 1/31/2025 1:00:00 AM
W. Australia Standard Time-(UTC+08:00) Perth 1/31/2025 1:00:00 AM
Taipei Standard Time-(UTC+08:00) Taipei 1/31/2025 1:00:00 AM
Ulaanbaatar Standard Time-(UTC+08:00) Ulaanbaatar 1/31/2025 1:00:00 AM
Aus Central W. Standard Time-(UTC+08:45) Eucla 1/31/2025 1:45:00 AM
Transbaikal Standard Time-(UTC+09:00) Chita 1/31/2025 2:00:00 AM
Tokyo Standard Time-(UTC+09:00) Osaka, Sapporo, Tokyo 1/31/2025 2:00:00 AM
North Korea Standard Time-(UTC+09:00) Pyongyang 1/31/2025 2:00:00 AM
Korea Standard Time-(UTC+09:00) Seoul 1/31/2025 2:00:00 AM
Yakutsk Standard Time-(UTC+09:00) Yakutsk 1/31/2025 2:00:00 AM
Cen. Australia Standard Time-(UTC+09:30) Adelaide 1/31/2025 3:30:00 AM
AUS Central Standard Time-(UTC+09:30) Darwin 1/31/2025 2:30:00 AM
E. Australia Standard Time-(UTC+10:00) Brisbane 1/31/2025 3:00:00 AM
AUS Eastern Standard Time-(UTC+10:00) Canberra, Melbourne, Sydney 1/31/2025 4:00:00 AM
West Pacific Standard Time-(UTC+10:00) Guam, Port Moresby 1/31/2025 3:00:00 AM
Tasmania Standard Time-(UTC+10:00) Hobart 1/31/2025 4:00:00 AM
Vladivostok Standard Time-(UTC+10:00) Vladivostok 1/31/2025 3:00:00 AM
Lord Howe Standard Time-(UTC+10:30) Lord Howe Island 1/31/2025 4:00:00 AM
Bougainville Standard Time-(UTC+11:00) Bougainville Island 1/31/2025 4:00:00 AM
Russia Time Zone 10-(UTC+11:00) Chokurdakh 1/31/2025 4:00:00 AM
Magadan Standard Time-(UTC+11:00) Magadan 1/31/2025 4:00:00 AM
Norfolk Standard Time-(UTC+11:00) Norfolk Island 1/31/2025 5:00:00 AM
Sakhalin Standard Time-(UTC+11:00) Sakhalin 1/31/2025 4:00:00 AM
Central Pacific Standard Time-(UTC+11:00) Solomon Is., New Caledonia 1/31/2025 4:00:00 AM
Russia Time Zone 11-(UTC+12:00) Anadyr, Petropavlovsk-Kamchatsky 1/31/2025 5:00:00 AM
New Zealand Standard Time-(UTC+12:00) Auckland, Wellington 1/31/2025 6:00:00 AM
UTC+12-(UTC+12:00) Coordinated Universal Time+12 1/31/2025 5:00:00 AM
Fiji Standard Time-(UTC+12:00) Fiji 1/31/2025 5:00:00 AM
Kamchatka Standard Time-(UTC+12:00) Petropavlovsk-Kamchatsky - Old 1/31/2025 5:00:00 AM
Chatham Islands Standard Time-(UTC+12:45) Chatham Islands 1/31/2025 6:45:00 AM
UTC+13-(UTC+13:00) Coordinated Universal Time+13 1/31/2025 6:00:00 AM
Tonga Standard Time-(UTC+13:00) Nuku'alofa 1/31/2025 6:00:00 AM
Samoa Standard Time-(UTC+13:00) Samoa 1/31/2025 6:00:00 AM
Line Islands Standard Time-(UTC+14:00) Kiritimati Island 1/31/2025 7:00:00 AM

Webinar Registration

Whether you have implemented a formal tiered security structure or not – every environment has tier 0 assets. 

Tier 0 accounts and groups are those that have the keys to the kingdom of your identity provider whether that is Active Directory, Entra ID, Okta, etc.  For instance, in AD that would be the Domain Admins, Administrators, Enterprise Admins groups and the Administrator user account to begin with.  But Tier 0 accounts expand to include other users and groups you put in those built-in group or where you assign equivalent permissions and rights.  And any accounts that have permissions to change those accounts, and so on.  Tier 0 inevitably ends up being bigger than what you would expect.  Case in point: there are service and application accounts with Tier 0 access.

But – and this is important – Tier 0 isn’t just about users and groups; it also includes systems.  Tier 0 systems are those systems that either

  • Host the processes of the identity provider or store its directory data. In AD’s case that would be domain controllers.  In cloud identity providers like Entra ID and Okta it is the cloud systems under the control of the vendor – the part that is the vendor’s job in the “shared responsibility” model.
  • Host logon sessions by Tier 0 accounts – whether human or service/application accounts. Just a few examples include servers that perform privileged identity synchronization like Entra Connect or workstations used by administrators.

Needless to say, Tier 0 assets are a ticket to success for attackers and as such they need close surveillance and vigilance because they are such a target.  And such vigilance pays off.  We know this from real world security incidents like the Okta/Cloudflare incident which I’ll discuss in this session.

But before you can monitor Tier 0 assets you need to know who and where they are.  In this real training for free event, I will show you a step by step process for finding each Tier 0 account, group and system.

Matthew Vinton will be joining me from Quest Software.  Matthew brings valuable input to the table on this topic because for the past couple years he’s been focusing on Identity Threat Detection and Response – beginning with Tier 0 assets.  Matthew has put a lot of thought into the reality of alert fatigue and what it takes to reduce all the noise.  He says part of the answer requires capturing and leveraging knowledge of your particular environment in order to distinguish between benign and malicious change events associated with Tier 0 assets.

After our real training for free session Matthew will briefly show you a new product – Quest Security Guardian – and how it can help you not only automatically identify Tier 0, but also help disrupt attacks on Tier 0 by protecting those sensitive objects from malicious change.

Please join us for this real training for free session.
First Name:  
Last Name:  
Work Email:  
Phone:
Job Title:
Organization:
Country:  
State:
Zip/Postal Code:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.
 

 

Upcoming Webinars
Additional Resources