Saturday, October 27, 2012

Active Directory Security Risks Loom Large

Active Directory is one of the most ubiquitously used technologies in the world today, because virtually all organizations that operate on Microsoft's Windows Server platform are powered by Active Directory.

Active Directory plays a central role in IT security, regulatory compliance and identity and access management today because all critical aspects of IT security such as authentication, authorization and auditing are completely integrated with Active Directory.

Active Directory Security is thus rapidly becoming a very important component of organizational IT security, as organizations realize that the very foundation of their security may be vulnerable.

Because of the vital role of Active Directory in IT security today, it is increasingly vulnerable to attacks, both from inside the perimeter and from the outside, especially by sophisticated hackers seeking to compromise its security.

In fact, even the US Department of Homeland Security runs on Active Directory and a recent audit showed that it too may be vulnerable to attack -

Active Directory Security risks thus loom large, and organizations are actively taking steps to ensure that their Active Directory is adequately protected.


  1. Hello Aaron,

    I think I would tend to agree with you and I think that outsourcing Active Directory management weakens security because once you've outsourced the management of Active Directory, you don't really know who is managing your Active Directory anymore, and that's a problem that puts Active Directory Security at risk.


  2. Hello Aaron,

    In my experience as an IT analyst, I have found that while many organizations use Active Directory so extensively, most of them don't seem to be aware of the various Active Directory Risks that exist today, and how these risks impact Active Directory Security. This is concerning because Active Directory is so widely deployed today and I worry that it may be vulnerable, whether to Kerberos-to-NTLM downgrade attacks, or other kinds of attacks such as Active Directory Privilege Escalation which it seems could be launched by insiders as well.

    Best wishes,

  3. Hi Aaron,

    I happened to come across your blog, so thought I'd leave a note.

    I've been wanting to blog for a while now, and have a little blog of my own as well over at Active Directory Forestry, but I just can't seem to find the time.

    We've been very busy helping clients understand how to analyze and audit security permissions in Active Directory because it is so important to Active Directory security.

    We came across a valuable Active Directory Audit Tool and it's been very helpful as we perform many an Active Directory Audit for our clients. Thought I'd mention it.

    If you have some time, do stop by. I would love to hear from you.