OM’s Security Geeks helps you discover and fix misconfigurations that adversaries generally exploit. We additionally watch all your AD activity—logons, user and group changes, Group Policy Objects (GPO) events—and use behaviour-based threat paradigms to prevent lateral movement attacks.
AD Risk Acumens
65% of organisations have 1000+ users with passwords that will never expire
60% of user accounts are stale or inactive
58% of users had passwords that never expire (up from 20% last year)
OM’s Security Geeks analyses Active Directory logs alongside data access events and network movement, and employs advanced machine learning (ML) to establish productive, multi-dimensional behavioural characterisations. When activity varies from what’s familiar, it is identified automatically.
DCShadow is a technique for manipulating Active Directory (AD) data, including objects and schemas, by registering (or reusing an inactive registration) and mimicking the behaviour of a domain controller (DC). A host acting as a DC in this way can inject and replicate changes into AD infrastructure for any domain object, including credentials and keys.
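One way a defender could look for the registration traces described above, as an added example that is not part of the original page or of any product's code. It assumes Windows Security events 4742, 5137 and 5141 have already been parsed into dictionaries; the field names, host names, time window and sample events are constructed for illustration.

```python
from datetime import datetime, timedelta

DRS_GUID = "e3514235-4b06-11d1-ab04-00c04fc2dcd2"  # DRS Remote Protocol interface GUID
SHORT_LIVED = timedelta(minutes=5)  # assumed window, tune per environment

def server_from_dn(dn):
    # "CN=NTDS Settings,CN=<server>,CN=Servers,..." -> "<server>" (naive comma split)
    parts = dn.split(",")
    return parts[1].split("=", 1)[1].lower() if len(parts) > 1 else ""

def find_dcshadow_indicators(events, known_dcs):
    """Return (time, host, reason) for DC-like behaviour by hosts not in known_dcs."""
    dcs = {h.lower() for h in known_dcs}
    created, findings = {}, []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["id"] == 4742:  # a computer account was changed
            host = ev["target"].rstrip("$").lower()
            spns = [s.lower() for s in ev.get("spns", [])]
            if host not in dcs and any(s.startswith(("gc/", DRS_GUID + "/")) for s in spns):
                findings.append((ev["time"], host, "replication SPN on non-DC"))
        elif ev["id"] in (5137, 5141) and ev.get("object_class", "").lower() == "ntdsdsa":
            dn = ev["object_dn"].lower()
            host = server_from_dn(dn)
            if host in dcs:
                continue  # real DCs legitimately own an NTDS Settings object
            if ev["id"] == 5137:  # a directory service object was created
                created[dn] = ev["time"]
                findings.append((ev["time"], host, "nTDSDSA created for non-DC"))
            elif dn in created and ev["time"] - created[dn] <= SHORT_LIVED:
                findings.append((ev["time"], host, "DC registration removed soon after creation"))
    return findings

# Constructed sample events (simplified fields, not real log output)
T0 = datetime(2024, 1, 1, 9, 0, 0)
NTDS = ("CN=NTDS Settings,CN=WS042,CN=Servers,CN=Default-First-Site-Name,"
        "CN=Sites,CN=Configuration,DC=corp,DC=example")
SAMPLE = [
    {"id": 4742, "time": T0, "target": "DC01$", "spns": ["GC/dc01.corp.example/corp.example"]},
    {"id": 4742, "time": T0 + timedelta(seconds=5), "target": "WS100$",
     "spns": ["HOST/ws100.corp.example"]},
    {"id": 4742, "time": T0 + timedelta(seconds=60), "target": "WS042$",
     "spns": ["GC/ws042.corp.example/corp.example", DRS_GUID.upper() + "/<ntds-guid>/corp.example"]},
    {"id": 5137, "time": T0 + timedelta(seconds=70), "object_class": "nTDSDSA", "object_dn": NTDS},
    {"id": 5141, "time": T0 + timedelta(seconds=100), "object_class": "nTDSDSA", "object_dn": NTDS},
]

if __name__ == "__main__":
    for t, host, reason in find_dcshadow_indicators(SAMPLE, ["DC01"]):
        print(t.isoformat(), host, reason)
```

Events 5137 and 5141 are only written when directory service change auditing covers the Configuration partition, so an empty result does not by itself show that no registration took place.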