How to Defend Against an Overpass the Hash Attack

In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need for plaintext passwords. Instead, an Overpass the Hash attack...

Top Active Directory Hardening Strategies

The most recent Microsoft Digital Defense Report notes that nearly half of all Microsoft Incident Response engagements encountered insecure Active Directory configurations. Mandiant has previously reported that 9 of 10 cyberattacks exploit Active Directory. These...

MFA for Active Directory: An Overview

Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes it more difficult for attackers to compromise your network....

Identity Attack Watch: AD Security News, January 2024

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the...

How to Defend Against an NTLM Relay Attack

The NTLM relay attack poses a significant threat to organizations that use Active Directory. This attack exploits the NT LAN Manager (NTLM) authentication protocol, a challenge-response mechanism used in Windows networks for user authentication. NTLM relay attacks are...