Study on Enterprise Active Directory Security Posture


Semperis has released its Enterprise Active Directory Security Posture study, which reveals significant differences across industries in AD security. There are still a lot of security gaps to be found.

Organizations of all sizes and industries are failing to close Active Directory (AD) vulnerabilities that can leave them exposed to cyberattacks, according to a survey of IT and security leaders using Semperis' Purple Knight. Organizations scored an average of 68% across five Active Directory security categories, a mixed score. Large organizations scored even lower on the assessment, with an average score of 64%, indicating that the challenges of securing Active Directory with legacy applications and complex environments are increasing, particularly in large organizations.

32 percent Active Directory vulnerabilities

Microsoft Active Directory (AD), originally released with the Windows 2000 Server operating system, was a revolutionary technology at the time, and it continues to power much of the hyper-connected world of work. Microsoft AD prevailed over all other directories for one main reason: it was open. Because of this openness and easy integration, AD is still a fundamental infrastructure for 90% of companies today. However, its greatest strength 21 years ago has now become its most worrying weakness.

The threat of hackers

Consider that a hacker can use any non-privileged AD account to read almost all attributes and objects in AD, including permissions, which allows them to find computer accounts configured with full delegation in any domain of an AD forest. It then becomes clear why AD's default openness has become a vulnerability. Today, with the disappearance of the network perimeter, identity has become the last line of defense against cyberattacks.

Researchers at Mandiant recently reported that 90 percent of the incidents they study involve AD in one form or another. Some of the biggest and most recent AD security breaches are SolarWinds, Hafnium and the Colonial Pipeline attack, which made headlines due to their scale and the disruption caused by the Microsoft AD failure.

Active Directory security assessment tool Purple Knight

Security tool Purple Knight finds Active Directory security gaps (Image: Semperis).

Semperis is a pioneer in managing and protecting credentials in hybrid enterprise environments and is purpose-built to secure AD. Last year it launched a free AD security assessment tool, Purple Knight, and today it is publishing results based on data from 1000 IT and security leaders who have used Purple Knight.

Summary of results

  • Organizations scored an overall average of 68% across five Active Directory security categories: AD delegation, account security, AD infrastructure security, group policy security, and Kerberos security. That is a barely passing score.
  • Large organizations performed even worse, with an average score of 64%, indicating that the challenges of securing Active Directory with legacy applications and complex environments are increasing, especially in large organizations.
  • Organizations reported the lowest scores for account security, which covers individual account settings such as privileged accounts with a password that never expires.
  • Insurance companies reported the lowest overall scores (55%), followed by healthcare (63%) and transportation (64%).
  • Carriers reported grossly unsatisfactory results for Group Policy (36%) and Account Security (46%).
  • Public infrastructure operators scored the highest overall (71%), followed by government agencies (70%).

Respondents cited various catalysts for downloading the security assessment, ranging from an increase in attacks in their industries, to organizational mandates, to security breach remediation. Many of the respondents said they were very surprised by the results of their Purple Knight reports.

More at Semperis.com

 


About Semperis

For security teams tasked with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain, reducing recovery time by 90%. Purpose-built to secure hybrid Active Directory environments, Semperis' patented technology protects over 50 million identities from cyberattacks, data breaches and operational failures.


 
