The heart of your identity and access management
Active directory domain services (ADDS) are at the heart of most organisations. It controls identity, access, it enables configuration management via group policy and is the centre of which your staff user experience is based. As such it is a prime target for cyber criminals. If you have an active directory environment it is either a crown jewel itself or it often is the key to your business-critical data. Your domain controllers and access needs protecting, it needs hardening, and it needs monitoring.
The current state of active directory security
Given its age and long-standing deployment as the leading global directory service you would think this means it is fairly nailed down in most organisations. Unfortunately, this is not the case, in the majority of our penetration test we are able to go from adjacent network access to full domain compromise. To help combat this, we have built a service designed to shift the ability of organisations to get insight and to enable remediation to the left! Why wait for a criminal or penetration test to identify your active directory weaknesses? Our Active Directory audit service is a rapid deployment service designed to enable you to:
- Gain rapid visibility into your directory attack surface
- Prepare for future mode changes such as:
- Schema Upgrades
- Operating System Upgrades (e.g. Windows Server 2019)
- Active Directory Migrations
- Enable your executive team to take action to reduce business risk
- Guide your operations and technology management teams to harden and secure your active directory domain services
The broader picture
| Phase 1 | Phase 2 | Phase 3 |
| > Map Active Directory current state >Forests/Domains > DNS > DHCP > RADIUS > ADCS > Azure Connect Identify Active Directory Vulnerabilities > Contextualise Business Risk > Communicate to key stakeholders > Formulate an action/remedial plan | > Conduct configuration management > Change managed remedial activities > Harden the directory > Ensure there a good user experience | > Regular external audits and vulnerability assessments |
If you have concerns about the posture of active directory, if you want to identify, protect, detect, and defend against common cyber threats such as ransomware, securing active directory is a key pillar of reducing business risk, enabling assurance, compliance and helping to avoid major cyber incidents.
Operational Efficiency and Security
Our services surrounding active directory domain services and supporting services (e.g. ADCS, AD Connect (hybrid mode)) not only focus on security but also on operational efficiency and business value. We know that a well managed, well configured and securely deployed active directory are key to an enterprises IT capability.
A range of services
- Active Directory Security Audits
- Vulnerability Assessments & Penetration Testing
- Active Directory Health Checks
- Active Directory Improvement Enablement
Our team have over 38 years experiance working with Windows Domain services based on Active Directory, spanning from WIndows 2000 to Windows Server 2019. From planning, design, deployment, assurance and operations we can support your business with it’s directory services challenges.