Active Directory
Active Directory | News, how-tos, features, reviews, and videos
Why you might not be done with your January Microsoft security patches
Microsoft released a flurry of security patches and updates in January, so it would be easy to overlook these two.
Recommended security resources for Microsoft Active Directory
These resources will keep you up to date on how to best protect your Active Directory domains.
How and why threat actors target Microsoft Active Directory
New vulnerabilities in Active Directory emerge regularly, and unpatched old ones and misconfigurations open doors for attackers.
How to mitigate Active Directory attacks that use the KrbRelayUp toolset
Attackers are using the KrbRelayUp toolset to compromise Kerberos in on-premises Active Directory networks. This two-step process should protect you.
Patching the latest Active Directory vulnerabilities is not enough
Follow these steps after running the November and May Microsoft updates to fully address Active Directory vulnerabilities.
Attivo Networks expands Active Directory protection
Domain Controller solution guards against bad behavior from unmanaged devices.
Active Directory security updates: What you need to know
These Active Directory updates address critical privilege bypass and elevation vulnerabilities. Implement them now if you can.
6 vulnerabilities Microsoft hasn't patched (or can't)
Your IT and security admins need to be aware of these unpatched Microsoft vulnerabilities so that they can mitigate them in other ways.
How to review password quality in Active Directory
Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.
![Windows security and protection [Windows logo/locks]](https://images.idgesg.net/images/article/2018/02/windows_security_safety_protection_encryption_locks_thinkstock_831741980-100749419-small.3x2.jpg?auto=webp&quality=85,70)
How to check for Active Directory Certificate Services misconfigurations
Recently discovered Microsoft Windows AD CS configuration errors could give attackers account and domain control. Here's how to audit AD CS for vulnerable configurations.
Tech Primer
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
Tech Primer
Fraud prevention: Improving internal controls
Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.
Tech Primer
How to write an information security policy
Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.
Tech Primer
Red team versus blue team: How to run an effective simulation
Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.
Tech Primer
How to survive (and thrive) in the CISO hot seat
The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.
eBook
Special report: platforms play big in the cloud
This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.
Research/Infographic
Research report: IT security's looming tipping point
Even as security draws board-level attention, many IT professionals give their organizations’ infosec practices low marks. This special report from CIO, CSO and Computerworld reveals how to tip the balance in the right direction.
eGuide
The CSO identity management survival guide
This guide will help you communicate through the challenges of identity management, learn from success stories and discover the most valuable features of today's identity management tools.