RunAs Radio

Hardening Active Directory with Jerry Devore

Jan 10, 2024

Jerry Devore, expert on hardening Active Directory, discusses the importance of good credential hygiene, the impact of NTLM2 on compatibility level in Active Directory, and addressing security gaps in Active Directory. He also highlights the challenges of Active Directory consolidation and upgrade after mergers and acquisitions, emphasizing the need for AD cleanup and application modernization.

37:20

Creator website

Episode guests

Jerry Devore

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Prioritizing credential hygiene is essential for enhancing Active Directory security.

Addressing vulnerabilities in Active Directory, such as insecure configurations and outdated protocols, is crucial to minimize the risk of exploitation.

Deep dives

Importance of Credential Hygiene and AD Hardening

One of the main points discussed in the podcast is the importance of credential hygiene in Active Directory (AD) hardening. The speaker emphasizes that credential hygiene plays a crucial role in mitigating risks and preventing security breaches. He mentions that in the past, organizations made mistakes with service accounts and excessive delegation of domain admin accounts, resulting in insecure configurations. Old policies and insecure configurations still persist due to fear of breaking functionality or lack of understanding of their original purpose. The speaker suggests that organizations should prioritize cleaning up old policies, implementing tier models, and adopting zero trust concepts to enhance credential hygiene and strengthen AD security.

Introduction

2min

Exploring the Importance of Waterways and the Challenges of Active Directory

3min

The Importance of Leaving AD Policies Untouched

10min

Understanding NTLM2 and its Impact on Compatibility Level in Active Directory

2min

Securing Active Directory and Addressing Security Gaps

2min

Challenges in Active Directory Consolidation and Upgrade

18min

Active Directory is still part of our lives - but can we make it more robust? Richard talks to Jerry Devore about his ongoing blog series on hardening Active Directory. Jerry talks about credential drift - decisions made in the past to turn down (or off!) security features in AD that made sense at the time but are no longer relevant. Most of these efforts only consume time - no products are involved, or the products are free. Check out the links in the show notes for Compliance tools that can help you find vulnerabilities in your infrastructure, including AD.

Links:

Recorded November 20, 2023

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

RunAs Radio

Hardening Active Directory with Jerry Devore

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Importance of Credential Hygiene and AD Hardening

Addressing Vulnerabilities and Exploits

Adopting Baselines and Continuous Monitoring

The Longevity of Active Directory and Azure Integration

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

RunAs Radio

Hardening Active Directory with Jerry Devore

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Importance of Credential Hygiene and AD Hardening

Addressing Vulnerabilities and Exploits

Adopting Baselines and Continuous Monitoring

The Longevity of Active Directory and Azure Integration

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights