Active Directory
Escalating from child domain’s admins to enterprise admins in 5 minutes by abusing AD CS, a follow up
Hello everyone, long time no see. I’m still extremely busy on my main job stuff, specifically PKI Spotlight commercial product development, so my blogging has slowed, and I’m here again! Prologue Disclaimer: This post contains steps and information that can lead to legal issues with your employer and lawsuits if you execute them in a…
Read MoreADCS SID Extension Policy Module is live!
Hello everyone, here is my next blog post after a long delay. While I’m working on PKI Spotlight product, I never forget about open-source products and a lot was changed without much announces since the work is still in progress. Today I want to inform about my next effort and it is a big one.…
Read MoreEnabling Active Directory Certificate Services (ADCS) advanced audit
Hello S-1-1-0, here is another unscheduled blog post on enabling advanced audit in Microsoft CA. Today I went through another thread on Twitter which suggests how to enable advanced audit in Microsoft CA. Throughout the thread it was apparent that only partial solution was provided. Windows CA auditing engines Microsoft CA implements a set of…
Read MoreThe PKI Guy talks securing identities with Marina Simakov of Preempt
Q&A with Marina Simakov, security researcher at Preempt TPG: What can organizations do to best protect their organizations now that the bulk of employees are working remotely? MS: Many organizations may have covered the fundamentals of user authentication and security by defining privileged accounts, enforcing restricted access to crown jewel assets, and reducing the attack…
Read MoreOur Advanced PKI Training Course Is Now Online
Now is the time to keep your PKI healthy – now more than ever. The key to operating and maintaining your PKI is understanding how it all works. We all know that PKIs are the foundational backbone of enterprise IT security, IoT, and industry specific security standards. Ensuring the security and integrity of your PKI…
Read More