Event banner
Event details
Looking forward to getting an update of where we are today and a roadmap of where we are heading, What are the top 3 risks that we need to address today, where are are the risks coming from Internal\External, what are the mitigation strategies for the beginners\experienced security experts.
- YaronParyanty
Microsoft
In the last 12 months, identity-targeted attacks, and specifically attempting to take full control of Active Directory, is on the increase. For example, in the last 3 months there were 4 or 5 different weaponized vulnerabilities exposed that aimed to provide attackers will full control over Active Directory. Just to name a few – we have had DnsHostName spoofing, KrbRelayUp, and the recent campaign we are working on DFSCoerce. If an attacker succeeds, Active Directory can be completely compromised. With the increase of attacks on Active Directory, we are expecting an increase of attacks on the entire identity infrastructure including AD, AAD and other IAM solutions and identity infrastructure solutions. Identifying attacks against AD, AAD and ADFS which synchronize between them is covered by Microsoft Defender for Identity (MDI), Microsoft AAD Identity Protection and AAD Conditional Access. We are also looking to expand this offering, including posture, detection, investigation and remediation, to other IAM solutions as well as identity infrastructure solutions. We are also witnessing a trend towards attacking Active Directory Certificate Services (AD CS). Either compromising specific certificates or take control of the entire certificate AD CS server. We will be happy to conduct a session in which we can share the full MDI roadmap. We’ll post to the MDI community when we schedule this session to take place.
