Best Active Directory Monitoring tool
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
3d ago
Today, Active Directory is still the cornerstone of most networking infrastructure environments. In Hybrid Identity environments, where on-premises Active Directory is coupled with Azure AD, the reliance on Active Directory is enormous. In these environments, the answers to the question ‘What if something would happen to Active Directory?’ range from ‘Everything goes down’ to ‘Game over due to a security breach’. The latest numbers indicate that 80% of successful attacks leverage the organization’s identity platform including the way people use their credentials for other services that are no ..read more
Visit website
You're invited to the IT-Universty Masterclass – Adequately Securing Active Directory
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
5d ago
On March 7th, 2022, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on a topic that is close to my heart: Active Directory. Active Directory has captivated the hearts of adversaries. Some ransomware gangs just simply lose interest want the device of a potential victim isn't domain-joined. That's logical, because with default settings, multiple vulnerabilities each month allow attackers to move laterally in your networking environment towards the credentials of members of the Domain Admins security group ..read more
Visit website
Existing Azure MFA Server deployments stop working starting September 30, 2024
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
6d ago
Microsoft announced the final stage of deprecating Azure Multi-Factor Authentication (MFA) Server.   Deprecating Azure MFA Server Deprecating a crucial element in crucial processes for organizations is not something that Microsoft takes lightly: Since MFA Server 8, released on April 10, 2018. MFA registrations for the Authenticator app flow through the Azure MFA infrastructure instead of through Azure MFA Server’s mobile portal. As of July 1, 2019, Microsoft no longer offers Azure MFA Server for new deployments and trial tenants. The Azure MFA SDK stopped working on October 1, 2020 ..read more
Visit website
The Azure ATP Portal is being decommissioned in February 2023
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
2w ago
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal.   Moving to the Microsoft 365 Defender Portal Over the last few months, the experiences and functions of Microsoft Defender for Identity have been made available in Microsoft’s extend ..read more
Visit website
The Azure ATP Portal is being decommissioned in February 2022
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
2w ago
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal.   Moving to the Microsoft 365 Defender Portal Over the last few months, the experiences and functions of Microsoft Defender for Identity have been made available in Microsoft’s extend ..read more
Visit website
The January 2023 updates address Two LDAP vulnerabilities affecting Domain Controllers
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
2w ago
When looking at the January 10, 2023, cumulative updates (1B23) for Windows Server today, I noticed two updates that specifically address a Remote Code Execution (RCE) vulnerability and a Denial of Service (DoS) vulnerability in Windows LDAP. These vulnerabilities are specific to Domain Controllers (in the default configuration), so this sparked my interest in these updates.   About the vulnerabilities CVE-2023-21676 LDAP Remote Code Execution Vulnerability CVE-2023-21676 is a vulnerability in the Lightweight Directory Access Protocol (LDAP) that could allow an authenticated adversary re ..read more
Visit website
You can only get Active Directory Monitoring right if you do Domain Controller Monitoring, too
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
3w ago
When ENow launched COMPASS in 2011, the family of products it entered was commonly referred to as Active Directory monitoring. However, in contrast with other Active Directory monitoring solutions, COMPASS is also a Domain Controller monitoring solution. Many of the other Active Directory monitoring solutions on this common list of best Active Directory Monitoring solutions don’t offer that functionality. Which is strange…   Domain Controller Monitoring vs. Active Directory Monitoring Typical Active Directory monitoring solutions delve into the configuration partition of the Active Direc ..read more
Visit website
What's New in Microsoft Defender for Identity in December 2022
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
3w ago
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protec ..read more
Visit website
What's New in Azure Active Directory for December 2022
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
3w ago
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for December 2022:   What's Planned ADAL End of Support Service category: Other Product capability: Developer Experience As part of Microsoft's ongoing initiative to improve the developer experience, service reliability, and security o ..read more
Visit website
On-premises Identity-related updates and fixes for December 2022
The DirTeam.com / ActiveDir.org Weblogs
by Sander Berkouwer
3w ago
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for December 2022:   Windows Server 2016 We observed the following update for Windows Server 2016: KB5021235 December 13, 2022 The December 13, 2022, update for Windows Server 2016 (KB5021235), updating the OS build number to 14393.5582, is a monthly cumulative update that includes one Identity-relat ..read more
Visit website

Follow The DirTeam.com / ActiveDir.org Weblogs on Feedspot

Continue with Google
OR