Securing Active Directory often involves the ongoing management of lists and spreadsheets. However, cybercriminals approach an attack from a completely different mindset—focusing on an attack path, not a list. Organizations can flip the proverbial script on attackers by thinking like an attacker—beating them at their own game.

In this workshop, we decrypt attack paths to analyze how attackers gain immediate privileges. By knowing how attackers enumerate and analyze Active Directory, attendees will develop the ability to secure areas before they are exploited. Topics include:
 

• Identifying detectable attacks
• Identifying attack tools
• Negating attack tools
• Leveraging attack paths to secure Active Directory
• Pinpointing specific user attributes that allow immediate privilege escalation, including Primary Group ID, SID History, adminSDHolder, and more.