dcsimg

What to Look for When Monitoring File Activity on File Server

Monitoring file activity is not as straight forward as it sounds. After all, in order to detect and respond to suspicious or troublesome file activity, we need to know in advance what it is we are actually looking for. Below are 8 of the most common scenarios that can compromise either the security or integrity of our critical files, along with a brief summary describing how LepideAuditor can help … [Read more...]

What is an AdminSDHolder Attack and How to Defend Against it?

In this blog, we will be going through how the AdminSDHolder object in Active Directory can be used in Active Directory attacks. We will also go through what you can do to help defend against AdminSDHolder attacks and how LepideAuditor can help make this process easier. What is an AdminSDHolder? Essentially, the AdminSDHolder is an object in Active Directory that acts as a security descriptor … [Read more...]

What is Group Policy (GPO) and What Role Does It Play in Data Security

First things first, what is Group Policy? Group Policy is a feature of Windows that facilitates a wide variety of advanced settings that network administrators can use to control the working environment of users and computer accounts in Active Directory. It essentially provides a centralized place for administrators to manage and configure operating systems, applications and users’ settings. Group … [Read more...]

What’s the Difference Between Active Directory and LDAP?

Active Directory plays such an important part in the makeup of most organizations’ IT infrastructure, that it automatically becomes the first target for attackers. If an attacker gets into one of your user accounts, any you don’t know that it’s happened, it’s only a matter of time before you are the victim of a disastrous data breach (especially is this user account has special privileges). … [Read more...]

5 More PowerShell Commands to Better Manage Active Directory

Recently we published a blog about five key PowerShell commands that you need to help you better manage Active Directory. As this blog was so well received, we decided to do a follow up. If you want to read the original blog, then click here. Before We Begin Before you get started, you’re going to have to import Module Active Directory. Without importing the corresponding module into the … [Read more...]

5 PowerShell Commands to Better Manage Active Directory

PowerShell was developed so that IT operations and administrative tasks in operating systems like Active Directory could be drastically simplified and automated to save huge amounts of time and effort. PowerShell is able to integrate with services and applications to help administrators get complete control over the management of both clients and servers. With every new update of the underlying … [Read more...]

The 4 Features of Effective Group Policy Auditing

Auditing any of your critical IT infrastructure is a process that involves collecting information into readable reports, analyzing those reports and taking the required action to ensure the security and integrity of that system. Group Policy is no different. For effective Group Policy Auditing, you need to be able to report on changes in such a way that enables you to take the right steps to … [Read more...]

What’s the Difference Between Share and NTFS Permissions?

Both share and NTFS permissions serve the same purpose within Windows environments; namely, to help you prevent unauthorized access to your critical folders. However, there are some critical differences between the two that will determine which one you use. In this blog we will learn about what share permissions and NTFS permissions are, what the differences between the two are and the best … [Read more...]

Why Group Policy Auditing is Important

It will come as no surprise that Windows out of the box isn’t secure. Many of the vulnerabilities that exist within Windows can be addressed through Group Policy Objects (GPOs). Group Policy allows administrators to control the working environment of both user and computer accounts. If used correctly, GPOs can, for example, allow you to work towards a policy of least privilege where users have … [Read more...]

5 Active Directory Changes You Need to Audit

Active Directory is a critical part of any organization’s IT infrastructure. Unwanted changes in Active Directory could result in potentially disastrous consequences for the security of data. Changes to user accounts, passwords, group memberships and more could lead to excessive permissions and increased risk of privilege abuse. For those reasons, and more, it is essential that you continuously … [Read more...]