I agree AD is far from irrelevant. I have run into IBM mainframes and in one instance OS2 during tests. Legacy dogma is hard to get rid of.
I understand the business case for ID management but it seems smaller companies that become larger companies don't invest in Microsoft like they used to. I may have a biased view but I am seeing fewer and fewer Exchange/AD installs in favor of things like Google apps or SSO offerings from people like Ping. This doesn't mean I've given up on AD; I just now focus on its interoperability with 3rd services. Or backups...backups seem hard for people to do correctly.

> On Sep 11, 2015, at 03:46, Konrads Smelkovs <[email protected]>
> wrote:
>
> Active Directory is far from being irrelevant - it is probably the one system
> that will remain in the enterprise forever* and here's why: nearly every
> enterprise security strategy has identity management as their #1 priority and
> you need a master repository of those. It is practically very difficult to do
> cloud-anything if you don't know for sure who works for you and the SAML
> based authentication that ADFS makes point-and-click easy means it probably
> is a CIO's smartest investment and everyone will remind her/him of that
>
> It is also true, that proliferation of easy targets on the internal network
> that happen to have domain admin creds is being reduced and as such the
> length of the attack chain increases before you achieve full control.
>
> * in the future, where everything is in the cloud, the only reason VPN will
> exist is so that security ops can sniff your traffic.
> --
> Applied IT sorcery
> From: [email protected]
> Sent: Thursday, 10 September 2015 20:23
> To: Dave Aitel
> Cc: [email protected]
> Subject: Re: [Dailydave] Cicadas
>
> Dave,
> Active Directory has long been my favorite target because of the power a
> Domain Admin wields combined with the odds and ends that get integrated means
> any bug can be devastating
>
> The "cloud" has been making vast inroads in Enterprise customer bases. I find
> companies that have started post 2010 that are large enough to require pen
> tests favor the outsourced infrastructure.
>
> Alas AD is becoming less important and Microsoft might come out ahead on the
> technical debt because they pushed the can down the road far enough to where
> they are no longer as important.
>
> DaveM
>
>> On Sep 10, 2015, at 13:17, Dave Aitel <[email protected]> wrote:
>>
>> Yagate shinu
>> Keshiki wa miezu
>> Semi no koe
>> - Basho
>>
>> I updated my SILICA this morning while making pancakes for the kids, as you
>> do, and of course, all around me looked about with new eyes. I have a new
>> mesh network that a friend installed in my house and it's interesting to see
>> what it looks like to a wireless hacker. If you haven't seen the new SILICA
>> video it is here: https://vimeo.com/136964755
>>
>> There's this sense that hackers get which is divorced from what is in Wired
>> or Business Insider or BlackHat which is "Works in the Wild". It's a
>> palpable thing, that sets priorities like a hot oil such that you can tell
>> who has "Gone Active", as they say, from their recoiling from various
>> technologies. One technology that is currently on the hot plate is Active
>> Directory. You can see from talks even at DefCon that people are looking at
>> WMI as a persistence mechanism in the wild. And the Microsoft talk from
>> INFILTRATE 2014 went over a whole methodology for attacking Active Directory
>> networks that dragged public discussion of the techniques into the modern
>> age. For decades AD has been a disaster from a security perspective - by
>> design - and now all that technical debt is coming due like a storm of
>> cicadas chirping their last song.
>>
>> -dave
>>
>> _______________________________________________
>> Dailydave mailing list
>> [email protected]
>> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
