With more and more organizations moving to the cloud, specifically Azure Active Directory/Microsoft 365 (formerly Office 365), Trimarc has seen a large increase in the number of Azure AD Connect deployments during our Active Directory Security Assessments (ADSAs). With this growing trend of hybrid-cloud implementations, it is vital for organizations to get the security right on the Azure AD Connect components (i.e. server, service account, and database). Azure AD Connect Azure
Passwords, while serving a crucial role in identity, have unfortunately morphed into the dreaded necessary evil territory. This is easily illustrated by the breadth of its frustration. The bane of IT admins, security teams, and yes, even the everyday user, is passwords. For users, gripes revolve around complexity, length, and duration. End-users in corporate environments are grumbling about unique (not likely), 15-character passwords that have to be changed every other month.
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active Directory environment by performing your own AD security review and how to identify potential issues in your environment. This webcast covers the following topics: The most common security issues Trimarc sees during AD security assessments; PowerShell commands you can run to check for potential AD security issues; Recommendations on how to fix th
Trimarc Founder and Microsoft Certified Master, Sean Metcalf, will cover how to improve the security of your Office 365 & Azure AD tenant environment by exploring how attackers compromise these environments and providing recommendations on how best to secure them. This webcast covers the following topics: How attackers compromise Office 365; Key actions to prevent/mitigate attacks against your cloud tenant; The most important security controls to implement now and in the near f
While Azure leverages Azure Active Directory for some things, Azure AD roles don’t directly affect Azure (or Azure RBAC) typically. This article details a known configuration (at least to those who have dug into Azure AD configuration options) where it’s possible for a Global Administrator (aka Company Administrator) in Azure Active Directory to gain control of Azure through a tenant option. This is “by design” as a “break-glass” (emergency) option that can be used to (re)gai
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active Directory environment by identifying and resolving common issues. This webcast covers the following topics: Common Active Directory Security Issues and how to identify & remediate them. Ways attackers take advantage of common AD configuration. Cloud integration security challenges. Original Air Date: May 13 2020. Intro begins at 4:05. Slide Deck:
Many are familiar with Active Directory, the on-premises directory and authentication system that is available with Windows Server, but exactly what is Azure Active Directory?
Azure Active Directory (Azure AD or AAD) is a multi-tenant cloud directory and authentication service. Azure AD is the directory service that Office 365 (and Azure) leverages for accounts, groups, and roles. It is also an Identity Provider (IdP) and supports federation (SAML, etc.).
Note: given how rap
Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost always over-privileged due to documented vendor requirements or because of operational challenges (“just make it work”). We can discover service accounts by looking for user accounts with Kerberos Service Principal Names (SPNs) which I call SPN Scanning. Service accounts without SPNs can also be discovered by querying AD accounts for ‘SVC’, or