Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect Privileged Credentials

Quest
QuestQuest
Sponsored byUnderstanding“RedForest”:The3-Tier
EnhancedSecurityAdminEnvironment
(ESAE)andAlternativeWaystoProtect
PrivilegedCredentials
© 2017 Monterey Technology Group Inc.
Thanks to
 Made possible by
Preview of key
points
 Very important concepts
 PtH
 Logon types are not created equal
 Security dependencies
 Clean source
 The problem with AD Forests
 The 3-tier AD security zone design
 DeployingTier 0 in a “red” forest
 Completing the Enhanced SecurityAdministrative Environment
 Beyond
 How far does ESAE get you?
 Alternatives and gaps
 Privilege management
Pass-the-hash
 To view this webcast: https://www.quest.com/webcast-
ondemand/understanding-red-forest-the-3tier-enhanced-
security-admin-environment8121798/
 And related to credential artifact theft
 Randy Smith/QuestWebinar: Deep Dive: Understanding Pass-
the-Hash Attacks and How to Prevent
 https://www.quest.com/webcast-ondemand/-understanding-
pass-the-hash-attacks830251
Logon types
are not
created equal
 The difference between interactive and network logons
 Same goes for other logon types
Interactive
logon
Network
logon
hash
hash
Security
dependencies
 Control relationships create security dependencies
Subject Controls Object
Security dependency
The problem
withAD
forests
 Domains inside a forest are not security boundaries
 The forest is the “security boundary”
 A lot risks with admin accounts in the same forest they
administer
 Privilege escalation
 Credential theft
 Control over each other
 No security zones
The 3-tier
design
Tier 0 – Domain Admins
Tier 1 – Server Admins
Tier 2 –Workstation
Admins
Tier isolation
 Accounts
 Servers
 Workstations
 Logon types
 Cross-restrictions
DeployingTier
0 in a “red”
forest
 Tier Zero should be in a different forest
 Production forest trusts red forest
 No domain admin or similarly privileged accounts in production
forest
 Except emergency access account – built-in Administrator
 Red forest dedicated to simply holdingTier 0 accounts for
administering production forest
 Tier 0 accounts do not have privileged access to red forest
 Accounts needed for that purpose might be considerTier -1
The parts
Domain Admins
Administrators
Administrator
The parts trust
Domain Admins
Administrators
Administrator
Delegated Permissions
Domain Admins
Administrators
Administrator
The parts trust
Domain Admins
Administrators
Role B
Role A
Role C
Administrator
Domain Admins
Administrators
Administrator
Delegated Permissions
The parts trust
Interactive logon
Domain controller
Network logon
Completing
the Enhanced
Security
Administrative
Environment
 Identifying who needs what
 Classification into tiers
 Creating roles
 Cleaning up old accounts
 Quest Enterprise Reporter
 Training
 Privileged AdministrativeWorkstations
Beyond  How far does ESAE get you?
 Alternatives and gaps
 Privilege management
How far does
ESAE get you?
 Manages risk for
 Active Directory
 Windows OS
 Doesn’t address
 Many applications aren't compatible with being administered
by accounts from an external forest using a standard trust
 UNIX/Linux
 Devices
Alternatives
and gaps
 ESAE doesn’t stop with a red forest
 Tier 1 should be secured with a privilege management solution
 Check out Quest PAM/PSM solutions
 2 factor authentication
 MS assumes smart cards
 But one time password has significant advantages
 Quest Defender
 Alternative: proxy technology
 Active Roles
 GPO Admin
Bottom line
 Really need to understand security dependencies
 Identify control relationships
 Implementing ESAE
 Need good reporting
 How best to address them
 Red forest is one way to address those risks in AD and Windows
 Privileged Account and Session Management Solutions
 Go beyond AD andWindows
 Proxy technologies provide a compelling alternative or
compliment to isolated red forest
 Understand the limitations of smart cards and the advantages
of OTP
 Check outQuest
© 2017 Monterey Technology Group Inc.
“Red Forest”
Bryan Patton, CISSP
Identify who is doing
what
Confidential22
Executive Order 13636 issued February 12, 2013
NIST Framework
Confidential23
Identify applications on assets that require administrative rights
Confidential24
What are some privileged accounts in an environment?
Identify Privileged Accounts
• Domain Admins
• Enterprise Admins
• Local Administrators
• SA
• Helpdesk
• OU Admins
• Service Accounts
• Unknown
Confidential25
Identification of known Privileged Accounts
Confidential26
Identification of unknown Privileged Accounts
Confidential27
Identification of Privileges on computer accounts
Confidential28
Identification of third party software on DC’s
Confidential29
Identification of what accounts are doing
Protection
Confidential31
Changes to Active Directory via proxy
Confidential32
Protect Active Directory- Enforce Least Privilege Access
Confidential33
Protect Workstations- Enforce Least Privilege Access
Confidential34
Protect hardware- block USB
Confidential35
Protect- Implement Group Policy
Confidential36
Protect- Workflow Approval Process
Request Review Approve Commit
Immediate
Schedule
Email
Approve?
Approve
Deny
View
Details
Rejection
Comments
Email
Approve?
Approve
Deny
View
Details
Rejection
Comments
Email
Confidential37
Protect- Prevent “Privileged Users” from performing actions
Detect
Confidential39
Detect- What can we do?
Confidential40
Detect- GPO Changes outside of version control system
Respond
Confidential42
Respond- Quickly search to identify relationships
Confidential43
Respond- Changes through Active Roles
Confidential44
Respond- Changes outside of Active Roles
Confidential45
Pre and post actions enable users to execute custom scripts before or after a
GPOADmin action to facilitate integration with internal processes and systems.
Respond after making a change to a GPO
Confidential46
Respond- use data to change what accounts are allowed to do
Recover
Confidential48
Recovery Active Directory from attribute to Forest level
Confidential49
Recovery a GPO to a specific version
1 of 49

Recommended

Derbycon - The Unintended Risks of Trusting Active Directory by
Derbycon - The Unintended Risks of Trusting Active DirectoryDerbycon - The Unintended Risks of Trusting Active Directory
Derbycon - The Unintended Risks of Trusting Active DirectoryWill Schroeder
35.8K views51 slides
Evading Microsoft ATA for Active Directory Domination by
Evading Microsoft ATA for Active Directory DominationEvading Microsoft ATA for Active Directory Domination
Evading Microsoft ATA for Active Directory DominationNikhil Mittal
35.4K views59 slides
Pgsodium's Features: those not provided by pgcrypto and integration with rem... by
 Pgsodium's Features: those not provided by pgcrypto and integration with rem... Pgsodium's Features: those not provided by pgcrypto and integration with rem...
Pgsodium's Features: those not provided by pgcrypto and integration with rem...EDB
222 views17 slides
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault by
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
2.1K views22 slides
Abusing Microsoft Kerberos - Sorry you guys don't get it by
Abusing Microsoft Kerberos - Sorry you guys don't get itAbusing Microsoft Kerberos - Sorry you guys don't get it
Abusing Microsoft Kerberos - Sorry you guys don't get itBenjamin Delpy
43.1K views53 slides
Transparent Data Encryption in PostgreSQL and Integration with Key Management... by
Transparent Data Encryption in PostgreSQL and Integration with Key Management...Transparent Data Encryption in PostgreSQL and Integration with Key Management...
Transparent Data Encryption in PostgreSQL and Integration with Key Management...Masahiko Sawada
12.3K views46 slides

More Related Content

What's hot

Patroni - HA PostgreSQL made easy by
Patroni - HA PostgreSQL made easyPatroni - HA PostgreSQL made easy
Patroni - HA PostgreSQL made easyAlexander Kukushkin
2.3K views35 slides
A Case Study in Attacking KeePass by
A Case Study in Attacking KeePassA Case Study in Attacking KeePass
A Case Study in Attacking KeePassWill Schroeder
9.9K views50 slides
ATT&CKING Containers in The Cloud by
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudMITRE ATT&CK
650 views27 slides
Privilege escalation from 1 to 0 Workshop by
Privilege escalation from 1 to 0 Workshop Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop Hossam .M Hamed
1K views60 slides
PowerShell for Practical Purple Teaming by
PowerShell for Practical Purple TeamingPowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingNikhil Mittal
5.3K views46 slides
Here Be Dragons: The Unexplored Land of Active Directory ACLs by
Here Be Dragons: The Unexplored Land of Active Directory ACLsHere Be Dragons: The Unexplored Land of Active Directory ACLs
Here Be Dragons: The Unexplored Land of Active Directory ACLsAndy Robbins
6.2K views47 slides

What's hot(20)

A Case Study in Attacking KeePass by Will Schroeder
A Case Study in Attacking KeePassA Case Study in Attacking KeePass
A Case Study in Attacking KeePass
Will Schroeder9.9K views
ATT&CKING Containers in The Cloud by MITRE ATT&CK
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
MITRE ATT&CK650 views
Privilege escalation from 1 to 0 Workshop by Hossam .M Hamed
Privilege escalation from 1 to 0 Workshop Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop
Hossam .M Hamed1K views
PowerShell for Practical Purple Teaming by Nikhil Mittal
PowerShell for Practical Purple TeamingPowerShell for Practical Purple Teaming
PowerShell for Practical Purple Teaming
Nikhil Mittal5.3K views
Here Be Dragons: The Unexplored Land of Active Directory ACLs by Andy Robbins
Here Be Dragons: The Unexplored Land of Active Directory ACLsHere Be Dragons: The Unexplored Land of Active Directory ACLs
Here Be Dragons: The Unexplored Land of Active Directory ACLs
Andy Robbins6.2K views
FreeIPA - Attacking the Active Directory of Linux by Julian Catrambone
FreeIPA - Attacking the Active Directory of LinuxFreeIPA - Attacking the Active Directory of Linux
FreeIPA - Attacking the Active Directory of Linux
Julian Catrambone911 views
The Unintended Risks of Trusting Active Directory by Will Schroeder
The Unintended Risks of Trusting Active DirectoryThe Unintended Risks of Trusting Active Directory
The Unintended Risks of Trusting Active Directory
Will Schroeder8.5K views
Prometheus by wyukawa
PrometheusPrometheus
Prometheus
wyukawa 1.3K views
Monitoring Kubernetes with Prometheus by Grafana Labs
Monitoring Kubernetes with PrometheusMonitoring Kubernetes with Prometheus
Monitoring Kubernetes with Prometheus
Grafana Labs4.2K views
Six Degrees of Domain Admin - BloodHound at DEF CON 24 by Andy Robbins
Six Degrees of Domain Admin - BloodHound at DEF CON 24Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24
Andy Robbins17.1K views
aclpwn - Active Directory ACL exploitation with BloodHound by DirkjanMollema
aclpwn - Active Directory ACL exploitation with BloodHoundaclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHound
DirkjanMollema11.5K views
MeetUp Monitoring with Prometheus and Grafana (September 2018) by Lucas Jellema
MeetUp Monitoring with Prometheus and Grafana (September 2018)MeetUp Monitoring with Prometheus and Grafana (September 2018)
MeetUp Monitoring with Prometheus and Grafana (September 2018)
Lucas Jellema6.2K views
0wn-premises: Bypassing Microsoft Defender for Identity by Nikhil Mittal
0wn-premises: Bypassing Microsoft Defender for Identity0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for Identity
Nikhil Mittal1.6K views
What’s the Best PostgreSQL High Availability Framework? PAF vs. repmgr vs. Pa... by ScaleGrid.io
What’s the Best PostgreSQL High Availability Framework? PAF vs. repmgr vs. Pa...What’s the Best PostgreSQL High Availability Framework? PAF vs. repmgr vs. Pa...
What’s the Best PostgreSQL High Availability Framework? PAF vs. repmgr vs. Pa...
ScaleGrid.io844 views
Finding attacks with these 6 events by Michael Gough
Finding attacks with these 6 eventsFinding attacks with these 6 events
Finding attacks with these 6 events
Michael Gough9.1K views
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요 by Jo Hoon
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
Jo Hoon4.6K views
Introducing ArTHIR - ATT&CK Remote Threat Hunting Incident Response Windows tool by Michael Gough
Introducing ArTHIR - ATT&CK Remote Threat Hunting Incident Response Windows toolIntroducing ArTHIR - ATT&CK Remote Threat Hunting Incident Response Windows tool
Introducing ArTHIR - ATT&CK Remote Threat Hunting Incident Response Windows tool
Michael Gough2.4K views

Similar to Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect Privileged Credentials

Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a... by
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Bruno Caseiro
318 views37 slides
Securing DevOps through Privileged Access Management by
Securing DevOps through Privileged Access ManagementSecuring DevOps through Privileged Access Management
Securing DevOps through Privileged Access ManagementBeyondTrust
1.1K views39 slides
AWS Summit Auckland Sponsor Presentation - Dome9 by
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9Amazon Web Services
578 views16 slides
Big Data Security: Facing the challenge by
Big Data Security: Facing the challengeBig Data Security: Facing the challenge
Big Data Security: Facing the challengeStratio
457 views51 slides
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi... by
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Michael Noel
12 views37 slides
Webinar hiware by
Webinar hiwareWebinar hiware
Webinar hiwareSeokminyoon4
76 views47 slides

Similar to Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect Privileged Credentials(20)

Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a... by Bruno Caseiro
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Bruno Caseiro318 views
Securing DevOps through Privileged Access Management by BeyondTrust
Securing DevOps through Privileged Access ManagementSecuring DevOps through Privileged Access Management
Securing DevOps through Privileged Access Management
BeyondTrust1.1K views
AWS Summit Auckland Sponsor Presentation - Dome9 by Amazon Web Services
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9
Big Data Security: Facing the challenge by Stratio
Big Data Security: Facing the challengeBig Data Security: Facing the challenge
Big Data Security: Facing the challenge
Stratio457 views
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi... by Michael Noel
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Michael Noel12 views
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ... by PlatformSecurityManagement
ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
Understanding Database Encryption & Protecting Against the Insider Threat wit... by MongoDB
Understanding Database Encryption & Protecting Against the Insider Threat wit...Understanding Database Encryption & Protecting Against the Insider Threat wit...
Understanding Database Encryption & Protecting Against the Insider Threat wit...
MongoDB2.6K views
Privleged Access Management by Lance Peterman
Privleged Access ManagementPrivleged Access Management
Privleged Access Management
Lance Peterman1.1K views
Privileged identity management by Nis
Privileged identity managementPrivileged identity management
Privileged identity management
Nis1.2K views
Teknisen tietoturvan minimivaatimukset by Teemu Tiainen
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimukset
Teemu Tiainen427 views
Cloud Security for Startups - From A to E(xit) by Shahar Geiger Maor
Cloud Security for Startups - From A to E(xit)Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)
Shahar Geiger Maor308 views
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w... by Adam Pennington
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Adam Pennington3K views
Securely Harden Microsoft 365 with Secure Score by Joel Oleson
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
Joel Oleson387 views
Identity & Access Management - Securing Your Data in the 21st Century Enterprise by Lance Peterman
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Lance Peterman1.4K views
CoLabora March 2022 - Improve security posture by implementing new Azure AD ... by Peter Selch Dahl
CoLabora March 2022 -  Improve security posture by implementing new Azure AD ...CoLabora March 2022 -  Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
Peter Selch Dahl78 views
19.) security pivot (policy byod nac) by Jeff Green
19.) security pivot (policy byod nac)19.) security pivot (policy byod nac)
19.) security pivot (policy byod nac)
Jeff Green816 views
19.) security pivot (policy byod nac) by Jeff Green
19.) security pivot (policy byod nac)19.) security pivot (policy byod nac)
19.) security pivot (policy byod nac)
Jeff Green441 views
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A... by Scott Hoag
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
Scott Hoag1.3K views

More from Quest

DBA vs Deadlock: How to Out-Index a Deadly Blocking Scenario by
DBA vs Deadlock: How to Out-Index a Deadly Blocking ScenarioDBA vs Deadlock: How to Out-Index a Deadly Blocking Scenario
DBA vs Deadlock: How to Out-Index a Deadly Blocking ScenarioQuest
1.4K views28 slides
Got Open Source? by
Got Open Source?Got Open Source?
Got Open Source?Quest
144 views13 slides
SQL Server 2017 Enhancements You Need To Know by
SQL Server 2017 Enhancements You Need To KnowSQL Server 2017 Enhancements You Need To Know
SQL Server 2017 Enhancements You Need To KnowQuest
455 views32 slides
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 Adoption by
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 AdoptionQuest to the Cloud - Identifying the Barriers to Accelerate Office 365 Adoption
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 AdoptionQuest
367 views15 slides
Top 10 Enterprise Reporter Reports You Didn't Know You Needed by
Top 10 Enterprise Reporter Reports You Didn't Know You NeededTop 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You NeededQuest
799 views21 slides
Migrating to Windows 10: Starting Fast. Finishing Strong by
Migrating to Windows 10: Starting Fast. Finishing StrongMigrating to Windows 10: Starting Fast. Finishing Strong
Migrating to Windows 10: Starting Fast. Finishing StrongQuest
593 views7 slides

More from Quest(20)

DBA vs Deadlock: How to Out-Index a Deadly Blocking Scenario by Quest
DBA vs Deadlock: How to Out-Index a Deadly Blocking ScenarioDBA vs Deadlock: How to Out-Index a Deadly Blocking Scenario
DBA vs Deadlock: How to Out-Index a Deadly Blocking Scenario
Quest1.4K views
Got Open Source? by Quest
Got Open Source?Got Open Source?
Got Open Source?
Quest144 views
SQL Server 2017 Enhancements You Need To Know by Quest
SQL Server 2017 Enhancements You Need To KnowSQL Server 2017 Enhancements You Need To Know
SQL Server 2017 Enhancements You Need To Know
Quest455 views
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 Adoption by Quest
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 AdoptionQuest to the Cloud - Identifying the Barriers to Accelerate Office 365 Adoption
Quest to the Cloud - Identifying the Barriers to Accelerate Office 365 Adoption
Quest367 views
Top 10 Enterprise Reporter Reports You Didn't Know You Needed by Quest
Top 10 Enterprise Reporter Reports You Didn't Know You NeededTop 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You Needed
Quest799 views
Migrating to Windows 10: Starting Fast. Finishing Strong by Quest
Migrating to Windows 10: Starting Fast. Finishing StrongMigrating to Windows 10: Starting Fast. Finishing Strong
Migrating to Windows 10: Starting Fast. Finishing Strong
Quest593 views
The Cost of Doing Nothing: A Ransomware Backup Story by Quest
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup Story
Quest882 views
Ensuring Rock-Solid Unified Endpoint Management by Quest
Ensuring Rock-Solid Unified Endpoint ManagementEnsuring Rock-Solid Unified Endpoint Management
Ensuring Rock-Solid Unified Endpoint Management
Quest1.2K views
Effective Patch and Software Update Management by Quest
Effective Patch and Software Update ManagementEffective Patch and Software Update Management
Effective Patch and Software Update Management
Quest1.6K views
Predicting the Future of Endpoint Management in a Mobile World by Quest
Predicting the Future of Endpoint Management in a Mobile WorldPredicting the Future of Endpoint Management in a Mobile World
Predicting the Future of Endpoint Management in a Mobile World
Quest778 views
Investigating and Recovering from a Potential Hybrid AD Security Breach by Quest
Investigating and Recovering from a Potential Hybrid AD Security BreachInvestigating and Recovering from a Potential Hybrid AD Security Breach
Investigating and Recovering from a Potential Hybrid AD Security Breach
Quest272 views
Who’s Watching the Watchers? Fixing and Preventing Inappropriate Privileged A... by Quest
Who’s Watching the Watchers? Fixing and Preventing Inappropriate Privileged A...Who’s Watching the Watchers? Fixing and Preventing Inappropriate Privileged A...
Who’s Watching the Watchers? Fixing and Preventing Inappropriate Privileged A...
Quest519 views
Sounding the Alarm with Real-Time AD Detection and Alerting by Quest
Sounding the Alarm with Real-Time AD Detection and AlertingSounding the Alarm with Real-Time AD Detection and Alerting
Sounding the Alarm with Real-Time AD Detection and Alerting
Quest613 views
Identifying Hybrid AD Security Risks with Continuous Assessment by Quest
Identifying Hybrid AD Security Risks with Continuous Assessment Identifying Hybrid AD Security Risks with Continuous Assessment
Identifying Hybrid AD Security Risks with Continuous Assessment
Quest901 views
Reducing the Chance of an Office 365 Security Breach by Quest
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security Breach
Quest259 views
Office 365 Best Practices That You Are Not Thinking About by Quest
Office 365 Best Practices That You Are Not Thinking AboutOffice 365 Best Practices That You Are Not Thinking About
Office 365 Best Practices That You Are Not Thinking About
Quest1.9K views
How to Restructure Active Directory with ZeroIMPACT by Quest
How to Restructure Active Directory with ZeroIMPACTHow to Restructure Active Directory with ZeroIMPACT
How to Restructure Active Directory with ZeroIMPACT
Quest1.5K views
How to Secure Access Control in Office 365 Environments by Quest
How to Secure Access Control in Office 365 EnvironmentsHow to Secure Access Control in Office 365 Environments
How to Secure Access Control in Office 365 Environments
Quest741 views
Your Biggest Systems Management Challenges – and How to Overcome Them by Quest
Your Biggest Systems Management Challenges – and How to Overcome ThemYour Biggest Systems Management Challenges – and How to Overcome Them
Your Biggest Systems Management Challenges – and How to Overcome Them
Quest538 views
Top Five Office 365 Migration Headaches and How to Avoid Them by Quest
Top Five Office 365 Migration Headaches and How to Avoid ThemTop Five Office 365 Migration Headaches and How to Avoid Them
Top Five Office 365 Migration Headaches and How to Avoid Them
Quest957 views

Recently uploaded

Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium... by
Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...
Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...Lisi Hocke
28 views124 slides
SUGCON ANZ Presentation V2.1 Final.pptx by
SUGCON ANZ Presentation V2.1 Final.pptxSUGCON ANZ Presentation V2.1 Final.pptx
SUGCON ANZ Presentation V2.1 Final.pptxJack Spektor
22 views34 slides
A first look at MariaDB 11.x features and ideas on how to use them by
A first look at MariaDB 11.x features and ideas on how to use themA first look at MariaDB 11.x features and ideas on how to use them
A first look at MariaDB 11.x features and ideas on how to use themFederico Razzoli
45 views36 slides
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut... by
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...Deltares
6 views28 slides
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ... by
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...Donato Onofri
773 views34 slides
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t... by
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...Deltares
9 views26 slides

Recently uploaded(20)

Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium... by Lisi Hocke
Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...
Team Transformation Tactics for Holistic Testing and Quality (Japan Symposium...
Lisi Hocke28 views
SUGCON ANZ Presentation V2.1 Final.pptx by Jack Spektor
SUGCON ANZ Presentation V2.1 Final.pptxSUGCON ANZ Presentation V2.1 Final.pptx
SUGCON ANZ Presentation V2.1 Final.pptx
Jack Spektor22 views
A first look at MariaDB 11.x features and ideas on how to use them by Federico Razzoli
A first look at MariaDB 11.x features and ideas on how to use themA first look at MariaDB 11.x features and ideas on how to use them
A first look at MariaDB 11.x features and ideas on how to use them
Federico Razzoli45 views
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut... by Deltares
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...
DSD-INT 2023 Machine learning in hydraulic engineering - Exploring unseen fut...
Deltares6 views
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ... by Donato Onofri
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...
Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR ...
Donato Onofri773 views
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t... by Deltares
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...
Deltares9 views
FIMA 2023 Neo4j & FS - Entity Resolution.pptx by Neo4j
FIMA 2023 Neo4j & FS - Entity Resolution.pptxFIMA 2023 Neo4j & FS - Entity Resolution.pptx
FIMA 2023 Neo4j & FS - Entity Resolution.pptx
Neo4j6 views
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h... by Deltares
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
Deltares5 views
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action by Márton Kodok
Gen Apps on Google Cloud PaLM2 and Codey APIs in ActionGen Apps on Google Cloud PaLM2 and Codey APIs in Action
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action
Márton Kodok5 views
Airline Booking Software by SharmiMehta
Airline Booking SoftwareAirline Booking Software
Airline Booking Software
SharmiMehta5 views
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the... by Deltares
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...
Deltares6 views
360 graden fabriek by info33492
360 graden fabriek360 graden fabriek
360 graden fabriek
info3349236 views
Headless JS UG Presentation.pptx by Jack Spektor
Headless JS UG Presentation.pptxHeadless JS UG Presentation.pptx
Headless JS UG Presentation.pptx
Jack Spektor7 views
DSD-INT 2023 3D hydrodynamic modelling of microplastic transport in lakes - J... by Deltares
DSD-INT 2023 3D hydrodynamic modelling of microplastic transport in lakes - J...DSD-INT 2023 3D hydrodynamic modelling of microplastic transport in lakes - J...
DSD-INT 2023 3D hydrodynamic modelling of microplastic transport in lakes - J...
Deltares9 views
Fleet Management Software in India by Fleetable
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India
Fleetable11 views
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -... by Deltares
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...
Deltares6 views

Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect Privileged Credentials