In any Active Directory (AD)-centric enterprise, AD admins are performing highly complex tasks to configure, reconfigure or troubleshoot the directory and all the connected systems to ensure the business or mission continues uninterrupted. They are truly the unsung and invisible technology heroes who ensure users can access the resources they need for their day-to-day tasks. The tasks these hero admins accomplish require not only extreme AD skill, but permissions to use that skill.
Here’s the problem: The permissions required to build/fix/refix the environment make these admin credentials the sought-after pot of gold for the bad actor looking to exploit the organization or harvest data.
In this open discussion session, Bryan Patton from Quest and Dan Conrad from One Identity will show an "old school" AD attack that is still valid today. They will:
- Walk through the Pass-the-Hash attack method
- Discuss what makes this attack viable
- Show what is actually at risk when this attack is used
The elevated privileges that are compromised in this attack can be secured yet still available to admins only when needed. One Identity’s Just-In-Time Provisioning allows admins to use their highly privileged accounts when they need them, while ensuring these accounts are protected, and even unprivileged, when not in use.
Speakers: Dan Conrad, One Identity and Bryan Patton, Quest