AD Security Assessment

Context

Active Directory (AD) is a crucial part of an organization’s network.

AD is the lifeblood of modern networks, and without it, the whole organization can grind to a halt.

Attackers target the system to access and obtain new credentials to help them move laterally in the network.

Its progressive nature and the complex security framework gives an unfair advantage to attackers.

Based on observations made during incident response assignments and penetration test assignments, we can confirm that the IT criminals put significant effort towards attacking Active Directory.

If an attacker gains access to your AD, they control your organisation.

Our approach

Don’t take any chances.
Have your AD assessed.

ESSENTIAL CHECK

25 essential controls to see if the Active Directory follows the most widely accepted best practices and ensures that attackers cannot obtain access with most used attack tools.

Examples of controls:

Credential stealing and account takeover
Misconfiguration of privileged users
Kerberoasting of privileged users
Hardening of Enterprise, Domain and Local Adminstrators
Access Control List misconfigurations
Strong password policies
Best practice audit logging
Domain & forest functional levels

EXTENDED CHECK

A further 75 controls gives you a more in-depth analysis and better coverage of your security posture. The result leaves you with a healthy level of security that can withstand even skilled attackers.

Examples of additional controls:

Protections against advanced credential-stealing attacks
Unconstrained delegation analysis
Protections against Golden and Silver Ticket attacks
Legacy protocols and broken cryptography primitives
Implanted malicious accounts and Shadow Administrator activity
Analyzing group policies for credential leaks
Best practices in architecture such as Administrative Tier Model and Enhanced Security Administrative Environment (ESAE)
Control path analysis

What we provide

Our methodology is
extensive & fast.

Chronos

We leverage our proprietary, purpose-built platform to ensure a fast, accurate, and effective service delivery process.

Scales, automates and improves every aspect of the investigative process, from data collection, to analysis and reporting.
It takes only 5 minutes to run our application and it can be run from anywhere.
Powerful intelligence and analytics tools ensure depth and breadth of analysis.

TESTIMONIAL

"AD Security Assessment became an amazing solution for our business, where we managed to get a full report covering all our security issues and misconfigurations. The unparalleled expertise that we gained from CSIS specialists has helped us significantly to strengthen our organization’s security posture and improve resilience against targeted attacks."

BRIAN LOLK

Team leader - IT and Project

See us in action.

Request a Call

Rest Assured.

We are the leader in actionable and intelligence-driven detection and response services.

I agree to receiving communications inline with CSIS’s Privacy and Cookies Policy. You can unsubscribe from these communications at any time.

I agree with the terms inline with CSIS’s Privacy and Cookies Policy.