Defusing an In-Progress Identity System Attack

Early in 2021, attackers breached the identity system of a global company with a playbook that is becoming all too common compromising Active Directory, moving laterally and escalating privileges to achieve their objectives. Using lessons learned from the front lines of this cyberattack, Active Directory security experts Guido Grillenmeier and Gil Kirkpatrick walk through the steps organizations can take to effectively respond to an in-progress attack. They'll do a deep dive into this real-life incident to uncover how the attack was conducted, how the response team initially halted the malware from spreading, and what the company discovered in a post-attack analysis about the Active Directory vulnerabilities that remained.

What you'll learn:

  • How to immediately and proactively check Active Directory configuration settings to contain the damage from an in-progress attack
  • How to assess your AD environment to close remaining security gaps that cybercriminals can exploit
  • How to avoid common pitfalls in executing a full AD forest recovery to a known-secure state