ASSESSMENT & TESTING
Active Directory Security Assessment
A comprehensive and systematic review of critical Active Directory security configurations and industry best practices.
------ SERVICE OVERVIEW
Active Directory is typically the primary system that threats attack once they gain initial access into an organization. Threats scan and leverage Active Directory to perform reconnaissance, escalate privileges, access data, and otherwise “persist” in the environment. Simply put, Active Directory contains the “keys to the kingdom,” and if not well protected, it can rapidly compromise the security of any organization.
Breadcrumb offers an in-depth review of your Active Directory configuration in order to assess security configuration deficiencies that attackers can leverage during a breach. Breadcrumb’s assessment involves the review of generated documentation, privilege escalation, crypto-analysis of user password strengths, execution of proprietary tools, and a review of Active Directory configurations and settings.
At the end of the assessment, you’ll have a road map for addressing discovered issues to establish a secure foundation for your Active Directory environment.
Key Assessment Areas
This section will highlight the premise of the scope, the services being performed, key objectives, and deliverables. This content is useful for regulators, insurance companies, and key-customers seeking clarity on your security assessment practices.
This section is intended for executive personnel, and in plain terms, outlines the overall risk for the organization. It will detail: 1) Summary of Strengths, 2) Summary of Weaknesses, and 3) Strategic Recommendations.
This section breaks down each assessed category and presents key findings and recommendations associated with each category. This section is highly technical and is intended for senior technical personnel.
This section provides a breakdown of all associated and relevant attachments, including but not limited to vulnerability result exports, GPO configurations, crypto-analysis results, and more.