This is why Active Directory security is so important.

Let’s create a thread with everyone’s hardening tips, detection rules etc 😀

Hardening Guide - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory

Detection rules - https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem

#infosec #cybersecurity #BlueTeam https://twitter.com/byt3bl33d3r/status/1288740883718795264

Some more useful things (please share your own ideas too 😀)

Hardening - https://activedirectorypro.com/active-directory-security-best-practices/

Some really good rules here (not all Active Directory related, but still lots are) - https://github.com/Neo23x0/sigma/tree/master/rules/windows/builtin

Would anyone like a blog post summarising all the information in this thread + more? Just a round up of Active Directory security tips, hardening, best practices and detections?
You can follow @blueteamblog.