What I Wish I Saw When Attacking Your Directory

Active Directory has long been a primary target for attackers-and for good reason. As a former AD architect turned pen tester, Eric has seen the same problems over and over again when it comes to securing AD. Gaining complete control over a network should be a difficult and challenging endeavor but, unfortunately, it often only takes a few steps. Eric has a secret: some simple changes would completely turn that around. In this talk, he will share a small list of AD defenses that should be in every environment. Not only would they dramatically slow down attackers, disrupt lateral movement, and increase your detection chances; but they are all native options in Windows and AD. Let’s take a hacker’s playground and make it their nightmare!

Speaker bio:

Eric Kuehn, Principal Security Consultant, Secure Ideas

Eric Kuehn is a Principal Security Consultant at Secure Ideas, where he leverages his extensive experience with Microsoft infrastructures and Active Directory to perform penetration tests and red team assessments. He also teaches a course, Red Team Fundamentals for Active Directory, where he explains the concepts, techniques and best practices for exploiting and defending AD environments. Eric has been working with Active Directory since its release and was the technical leader and architect of one of the largest and most complex AD implementations out there. He is an IANS faculty member and is passionate about sharing his knowledge and skills with others. Eric has delivered talks on Active Directory security and other topics at various conferences, events, webcasts, and Antisyphon Training.