This is why Active Directory security is so important.
Let’s create a thread with everyone’s hardening tips, detection rules etc 😀
Hardening Guide - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
Detection rules - https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem
#infosec #cybersecurity #BlueTeam https://twitter.com/byt3bl33d3r/status/1288740883718795264
Some more useful things (please share your own ideas too 😀)
Hardening - https://activedirectorypro.com/active-directory-security-best-practices/
Some really good rules here (not all active directory related, but still lots are) - https://github.com/Neo23x0/sigma/tree/master/rules/windows/builtin
Best practices - https://www.dnsstuff.com/active-directory-best-practices
Would anyone like a blog post summarising all the information in this thread + more? Just a round up of active directory security tips, hardening, best practices and detections?
Blog Post out now, hope you enjoy 😀 https://blueteamblog.com/active-directory-security-hardening-auditing-and-detection-rules
If you enjoyed this thread, I just posted a blog post with all this information + more. Check it out here - https://blueteamblog.com/active-directory-security-hardening-auditing-and-detection-rules