Discover and read the best of Twitter Threads about #ActiveDirectorySecurityTips

Most recents (1)

Mitigation: "Active Directory Configuration"
That's right. Tighten up AD and leverage to mitigate typical attack methods:
[thread follows]
* Block AD Admins from logging onto non-DA systems using GPOs
docs.microsoft.com/en-us/windows-…

* Add all AD Admins to the Protected Users group to provide additional protections (including Kerberos delegation attack mitigation)
docs.microsoft.com/en-us/windows-…

#ActiveDirectorySecurityTips
* Ensure appropriate AD auditing
adsecurity.org/?p=3377

* Review domain Administrators membership


* Review the "Default" GPOs for inappropriate rights
adsecurity.org/?p=3700

* Review AD permissions
github.com/cyberark/ACLig…

#ActiveDirectorySecurityTips
Read 6 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!