Adversaries are using Active Directory as a weapon against itself. They are exploiting AD’s native capabilities to perform recon, find targets, escalate privileges, and gain persistence. Some of their malware-less persistence techniques include:
- Active Directory botnets that leverage user attributes to take over domain controllers and use them as a central command for controlling systems
- Active Directory backdoors that use discretionary access control list (DACL) misconfigurations to create hidden persistence
In this webinar, Cybersecurity practitioner and STEALTHbits VP of Product Strategy Gabriel Gumbs will walk you through these attacks and show you how to protect your organization using real-time detection, blocking, and mitigation tools that don’t rely on native logging.
View the Webinar!