Detecting and Mitigating Active Directory Compromises

Publish Date

September 25, 2024

Related topics:

Cyber Threats and Advisories, Incident Detection, Response, and Prevention

This guide informs organizations of recommended strategies to mitigate the 17 most common techniques used by adversaries and malicious actors to compromise Active Directory. It was developed by the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC) in cooperation with the following international partners:

United States (US) Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA).
Canadian Centre for Cyber Security (CCCS)
United Kingdom National Cyber Security Centre (NCSC-UK)
New Zealand National Cyber Security Centre (NCSC-NZ)

This guidance recommends strategies to mitigate techniques used to compromise Active Directory and describes how these techniques can be leveraged by malicious actors. The document is of moderate technical complexity and assumes a basic understanding of cyber security.

Detecting and Mitigating Active Directory Compromises

Tags

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

Understanding and Responding to Distributed Denial-Of-Service Attacks

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders

Detecting and Mitigating Active Directory Compromises

Tags

Related Resources

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

Understanding and Responding to Distributed Denial-Of-Service Attacks

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders