Active Directory is still a well-known attack vector for bad actors attempting to exploit large organizations. Since AD touches almost everything, and privileged accounts in AD can have a far-reaching impact, it becomes an obvious target. When an attacker compromises a user account or workstation, the next step is to elevate privileges. In this session, Dan Conrad demonstrates a Pass-the-Hash breach against a privileged account in Active Directory using common exploit methods and AJ Lindner will walk through an Active Roles implementation specifically designed to mitigate this vulnerability using just-in-time privilege elevation. This Active Roles/Safeguard integration is specifically designed to reduce the vulnerabilities related to privilege escalation attacks and adds a Zero Trust security layer to Active Directory.
Speakers
Dan Conrad and AJ Lindner