The Rise of Active Directory Exploits
0 likes231 views
The document discusses the increasing threats to Active Directory (AD) security, emphasizing the growing complexity of managing AD and the need for collaboration among various IT teams. With over 90% of organizations having multiple domain controllers, the attack surface has expanded significantly, leading to challenges in detecting and remediating attacks. The findings indicate a pressing need for organizations to prioritize AD security, with many planning to increase their spending in response to rising attack incidents.
The Rise of Active Directory Exploits
- 1. The Rise of Active Directory Exploits: Is it Time to Sound the Alarm? Paula Musich Research Director Enterprise Management Associates (EMA)
- 2. Watch the On-Demand Webinar • The Rise of Active Directory Exploits On-Demand Webinar: https://info.enterprisemanagement.com/the-rise-of-active-directory- exploits-webinar-ws • Check out upcoming webinars from EMA here: https://www.enterprisemanagement.com/freeResearch
- 3. Featured Speaker Paula brings over 30 years of experience covering the IT security and networking technology markets. She has been an IT security analyst for over ten years, including as a research director at NSS Labs, and earlier as the principal analyst for enterprise security for Current Analysis. As a security technology analyst, Paula has tracked and analyzed competitive developments in the threat management segment of the information security market, ranging from advanced anti- malware to next-generation firewalls and intrusion prevention systems to content security, data loss prevention, and more. © 2021 Enterprise Management Associates, Inc. 3 Paula Musich Research Director Security, Risk & Compliance Management Enterprise Management Associates | @ema_research
- 4. Sponsors © 2021 Enterprise Management Associates, Inc. 4 | @ema_research
- 5. Agenda Introduction: Attackers are Turning up the Heat on Active Directory 1 2 3 Methodology and Demographics Active Directory Security Threats & Challenges 4 Active Directory Security Tools & Tactics 5 Active Directory Risk & Attack Remediation 6 Active Directory Security Priorities & Spending © 2021 Enterprise Management Associates, Inc. 5 | @ema_research
- 7. Annual Revenue 11% $1M - <$20M 14% $2M - <$100M 43% $100M - <$1B 28% $1B+ Vertical Industries 26% High Technology Software 16% Finance/Banking/Insurance 13% Manufacturing 12% Retail/Wholesale Number of Respondents 250 Geography North America Demographics & Methodology Company Size 37% Large Enterprise 63% SME © 2021 Enterprise Management Associates, Inc. | @ema_research
- 8. Groups Responsible for Securing Active Directory 8 83% IT Operations 73% Security Operations 48% Network Operations 32% Infrastructure Team 29% Identity Team The Complexity of Securing Active Directory Requires Collaboration Across Groups with Different Levels of Expertise © 2021 Enterprise Management Associates, Inc. | @ema_research
- 9. © 2021 Enterprise Management Associates, Inc. 9 Over 90% of organizations have 10 or more domain controllers, which represents an exceptionally large attack surface. | @ema_research
- 10. Active Directory Security Threats & Challenges
- 11. 11 © 2021 Enterprise Management Associates, Inc. | @ema_research
- 12. Other up and coming attack types: Silver ticket attack; FoggyWeb backdoor © 2021 Enterprise Management Associates, Inc. 12 | @ema_research
- 13. What Makes Securing Active Directory so Hard? © 2021 Enterprise Management Associates, Inc. 13 Top Reasons Other Issues lack of visibility to identify exposures no understanding of consequences of changes being made | @ema_research 25% Hard to detect live attacks on AD 21% Too hard to coordinate security across multiple groups 15% Can’t keep up with constant changes in AD
- 14. Active Directory Security Tools & Tactics
- 15. Downsides to audit Snapshot in time Downsides to log analysis Time consuming & costly © 2021 Enterprise Management Associates, Inc. 15 | @ema_research
- 16. Who does the assessments? IT operations 79% Security operations 73% MSP/MSSP 37% Internal Red Team/pen testers 29% Outside auditors/contractors 26% © 2021 Enterprise Management Associates, Inc. 16 | @ema_research
- 17. © 2021 Enterprise Management Associates, Inc. 17 | @ema_research
- 18. © 2021 Enterprise Management Associates, Inc. 18 | @ema_research Only 33% look for live attacks targeting Active Directory
- 19. Active Directory Risk & Attack Remediation
- 20. How to Determine the Best Remediation Options for Active Directory Exposures © 2021 Enterprise Management Associates, Inc. 20 67% Rely on Active Directory experts 46% Turn to third-party consultants 43% Apply specific tools to help identify the best remediation options 34% Search for remediation options on the internet | @ema_research 20
- 21. 21 © 2021 Enterprise Management Associates, Inc. | @ema_research
- 22. Accepting Active Directory Exposures © 2021 Enterprise Management Associates, Inc. 22 | @ema_research
- 23. Active Directory Security Priorities & Spending
- 24. 24 © 2021 Enterprise Management Associates, Inc. | @ema_research
- 25. Future Spending Plans for Active Directory Security © 2021 Enterprise Management Associates, Inc. 25 Top 3 reasons to increase it 25% increase in AD attacks 18% increase in work-from-home activity 17% cloud usage expansion | @ema_research 35% Plan to significantly increase it 51% Plan to slightly increase it 14% Don’t plan to change it
- 26. Get the report! https://bit.ly/3GKgeqz © 2021 Enterprise Management Associates, Inc. 26 | @ema_research