REDUCE YOUR ACTIVE DIRECTORY ATTACK SURFACE: SECURING THE FOREST THROUGH THE TREES presented at BsidesCa 2017

by Joe Bate, Cheryl Biswas,

Summary : Most information security breaches start with the compromise of small pieces of an organization's infrastructure - often one or two systems at a time. These initial events, or entry points into the network, exploit vulnerabilities that could have been fixed, but weren't. AD has a wide attack surface, and is ideal as an attacker's hunting ground. We'll help you understand how to prioritize and see where to secure your AD forest through all those trees.