ASSESSMENT & TESTING
Active Directory Security Assessment
Active Directory is a critical target that malicious threats attack once they gain initial access into an organization. Threats will leverage Active Directory to perform reconnaissance, escalate privileges, access data, and otherwise “persist” in the environment. Simply put, Active Directory contains the “keys to the kingdom,” and if not well protected, it will rapidly compromise the security of any organization.
Breadcrumb offers an exhaustive review of your Active Directory environment, assessing common security configuration deficiencies that attackers leverage during a breach. Breadcrumb’s assessment involves the analysis of critical indicators, privilege escalation, crypto analysis of user password strengths, group policies, and real-time anomalies.
Once complete, you’ll have a road map to establishing a secure foundation for your Active Directory environment.
"55% of organizations say that privileged users are their biggest insider threat risk." - ObserveIT
Key Assessment Areas
- Active Directory forest and domain trust configuration(s)
- Domain controller auditing, logging, and security event correlation capabilities
- Systematic review of clear text password disclosures
- Federation, RADIUS, and third-party security relationships
- Active Directory administration groups (users, service accounts, etc.)
- Group policy and privilege control access
- Active Directory password policies and relative strength to public disclosures
- Feasibility of lateral movement and privileged escalation