Active Directory Security Analysis

Have you secured the backbone of your infrastructure?


Service

Active Directory is at the heart of most modern organization. Unfortunately for most is has been set up more than a decade ago, and only minimally been maintained, or only maintained in relation to performance and operations. It contains a wealth of configurations, and it is easy to misconfigure these, especially since misconfigurations tend to outlast upgrades and change in personnel, or through mergers and acquisitions.

An Active Directory Security Analysis, identifies current misconfigurations and vulnerabilities in your AD structure such as access control lists, share rights, trusts etc., and provides recommendations for remediation.


Value

  • Identify security related misconfigurations and vulnerabilities in your Active Directory setup.

  • Get prioritized remediation actions tailored to your unique business and risks.

  • Learn how to maintain the security of your Active Directory over time.

Deliverables

  • Written report documenting the observed insufficiencies in your Active Directory domain or forest.

  • Workshop to train your IT operations team in how to maintain the security in the future.


 

Methodology

We analyse your environment for misconfigurations, vulnerabilities and adherence to best practice as defined by Microsoft with additions based on our knowledge. We run numerous tools which are a combination of freely available, commercial, and internally developed. The output from these tools is manually reviewed and verified. Amongst others, we review:

  • Common misconfigurations

  • Known vulnerabilities.

  • Attack paths abusing assigned rights.

  • Access control lists

  • Share rights.

  • Trusts

  • Group memberships

  • Implementation of Active Directory security features

There will also be ongoing dialogues with your IT operations team, to understand configuration choices, your business, critical assets and policies and procedures.

 

 

Involvement

Some involvement is to be expected from selected key employees. Spread over the following:

  • An initial thirty-minutes to an hour kick-off session, where we explain what we are going to do, how we will do it, what we are looking for etc. Included in this is a brief introduction to the organization by your team.

  • On-going smaller meetings or conversations for explanation specific configurations or choices in your environment

  • Within the first few days and after we have gathered more information on your set up, we have a workshop session of a couple of hours, where we have additional questions to especially policies and procedures, and other elements which are difficult to technically verify.

  • Up to half a day of workshop after the project has ended to go over our findings and train your team in using some of the tools we used, and how to maintain the security of your Active Directory over time.

 


 

See our other services