Operational Services
Directory Services Security
Protect your Active Directory, the prime target for attackers
Why secure Active Directory?
Active Directory is at the heart of most information systems. It manages identities, access and security policies for your organization. That's why it's a prime target for attackers.
Key statistic
95% of ransomware attacks go through Active Directory compromise to spread across the network.
Our services
Active Directory Audit
Complete security assessment of your AD environment
- ✓Architecture and design
- ✓Privileged accounts
- ✓Attack paths (BloodHound)
- ✓Password policy
- ✓Group Policy Objects (GPO)
- ✓Delegations and permissions
AD Hardening
Implementation of protection measures
- ✓Tiering Model (Tiers 0, 1, 2)
- ✓Privileged Access Workstations (PAW)
- ✓LAPS (Local Administrator Password Solution)
- ✓Attack path removal
- ✓Security GPO configuration
- ✓Legacy protocol restriction
Monitoring and detection
Supervision setup
- ✓AD log collection and analysis
- ✓Attack detection (Kerberoasting, DCSync...)
- ✓Alerting on critical changes
- ✓Microsoft Defender for Identity
- ✓Honeypots and decoys
Recovery plan
Incident recovery preparation
- ✓Domain controller backup
- ✓Restoration procedures
- ✓Business continuity testing
- ✓Technical documentation
Common Active Directory attacks
We identify and protect against the most common attack techniques
Tiering Model
We implement Microsoft's tiering model to protect your critical assets
Identity control
Domain controllers, PKI, ADFS, Azure AD Connect
Servers and applications
Application servers, databases, middleware
Workstations
User workstations, mobile devices, printers
Secure your Active Directory
Protect the heart of your information system against attackers.
Request an AD audit