This is why Active Directory security is so important.
Let’s create a thread with everyone’s hardening tips, detection rules etc
Hardening Guide - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
Detection rules - https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem
#infosec #cybersecurity #BlueTeam https://twitter.com/byt3bl33d3r/status/1288740883718795264
Let’s create a thread with everyone’s hardening tips, detection rules etc

Hardening Guide - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
Detection rules - https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem
#infosec #cybersecurity #BlueTeam https://twitter.com/byt3bl33d3r/status/1288740883718795264
Some more useful things (please share your own ideas too
)
Hardening - https://activedirectorypro.com/active-directory-security-best-practices/
Some really good rules here (not all active directory related, but still lots are) - https://github.com/Neo23x0/sigma/tree/master/rules/windows/builtin

Hardening - https://activedirectorypro.com/active-directory-security-best-practices/
Some really good rules here (not all active directory related, but still lots are) - https://github.com/Neo23x0/sigma/tree/master/rules/windows/builtin
Best practices - https://www.dnsstuff.com/active-directory-best-practices
Would anyone like a blog post summarising all the information in this thread + more? Just a round up of active directory security tips, hardening, best practices and detections?
Blog Post out now, hope you enjoy
https://blueteamblog.com/active-directory-security-hardening-auditing-and-detection-rules

If you enjoyed this thread, I just posted a blog post with all this information + more. Check it out here - https://blueteamblog.com/active-directory-security-hardening-auditing-and-detection-rules