ad security
When Is WinRM Over HTTP Secure?
Is use of the Windows Remote Management (WinRM) protocol over HTTP inherently bad? Take a nuanced look at why "HTTP = insecure" isn't the whole story—and when HTTPS can actually introduce risk ...
What You’re Missing: Proper LAN Manager Authentication Levels
One of the most common misconfigurations I encounter in Active Directory environments is a LAN Manager authentication level set to 2 on domain controllers (DCs). If your reason for staying at level ...
25 Years of AD Breaches: Three Moves to Transform Incident Response
Active Directory is attackers’ favorite path to domain dominance. Learn how mapping your defenses to the NIST Cybersecurity Framework can improve cyber incident response and recovery. The post 25 Years of AD ...
Best Cybersecurity Conferences for Identity Security Professionals in 2026
For anyone safeguarding hybrid identity systems, continuous learning and cyber community engagement are critical. Here are our top picks for conferences that deliver a laser-focus on identity security—and the technical knowledge you ...
What CISOs Need to Know About Fighting Ransomware in 2026
The fastest way to turn a cyber incident into a business outage is through identity system compromise. Ransomware continues to exploit that fact—and the consequences are real. Here are practical, board-ready steps ...
Exploiting Ghost SPNs and Kerberos Reflection for SMB Server Privilege Elevation
When misconfigured Service Principal Names (SPNs) and default permissions align, attackers can exploit Kerberos reflection to gain SYSTEM-level access remotely. Even with Microsoft’s security update, Ghost SPNs can still haunt you. Learn ...
Unlocking Unmatched Identity Resilience: The Semperis-Cohesity Partnership
The Semperis-Cohesity partnership is the convergence of two industry leaders, each with singular expertise. With Cohesity Identity Resilience, organizations can be confident that their critical identity systems are secure and recoverable. The ...
How to Defend Against Password-Spraying Attacks
In the ever-evolving and complex cybersecurity landscape, Active Directory remains a critical infrastructure component for managing network resources and user authentication. However, its centrality also makes it a prime target... The post ...
Best Practices for Active Directory Backup
Maintaining business continuity during and after a cyberattack has become a chief strategic objective, not just for enterprise cybersecurity, but for IT and business leadership as well. Effective Identity Threat... The post ...
How to Defend Against Golden Ticket Attacks: AD Security 101
Golden Ticket attacks are particularly cunning. Like Kerberoasting, Golden Ticket attacks exploit the Kerberos authentication system and are one of the most severe threats to Active Directory environments. Here’s more... The post ...
