Read the original article: How to Install TLS/SSL Certificates in NetApp Clustered Data ONTAP HTTPS has definitively become the default and expected method for internet and web app communications that transmit sensitive data, taking the place of the insecure HTTP.…
Tag: Insider Threat Security Blog
How to Install TLS/SSL Certificates in NetApp Clustered Data ONTAP
Read the original article: How to Install TLS/SSL Certificates in NetApp Clustered Data ONTAP HTTPS has definitively become the default and expected method for internet and web app communications that transmit sensitive data, taking the place of the insecure HTTP.…
Is Privileged Access Management in Need of a Fresh New Approach?
Read the original article: Is Privileged Access Management in Need of a Fresh New Approach? Software products to address privileged access have been around for 20 years. From Password Vaulting to Proxy Servers to Dedicated Administrative Accounts, popular Privileged Access…
Where do My Files Sent Using Teams Chat Go?
Read the original article: Where do My Files Sent Using Teams Chat Go? Do you know what happens when you share a file via a Microsoft Team’s – Team Chat? That file is not just saved in the Teams chat…
Server (Un)Trust Account
Read the original article: Server (Un)Trust Account Active Directory persistence through userAccountControl manipulation I’ve been doing some research on group Managed Service Accounts (gMSAs) recently and reading the MS-SAMR protocol specification for some information. I happened to stumble across some…
ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle
Read the original article: ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle Now that you have been using StealthAUDIT for Oracle for a while, you might be wondering how to squeeze more value out…
What is Privacy by Design?
Read the original article: What is Privacy by Design? In this era of big data, it is in an organization’s best interest to seek to safeguard their critical data assets, especially sensitive data, to the best of their ability. However,…
Data Privacy and Security are Two Sides of the Same Coin
Read the original article: Data Privacy and Security are Two Sides of the Same Coin Two things can be inherently related, even though they are thought of differently. Examples abound, from tragedy and comedy, to fear and elation. Many pairs…
Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1
Read the original article: Data Privacy Essentials: #1 – Don’t Put Your Data at Risk. #2 – Don’t Forget #1 In my last blog, I stated that “data security can be achieved without data privacy, but you can’t effectively fulfill…
How to Join Linux Hosts to Active Directory Using realmd & SSSD
Read the original article: How to Join Linux Hosts to Active Directory Using realmd & SSSD This blog uses apt commands in its examples (for Debian-based distros like Ubuntu, Kali, Mint, etc.), however, examples have also been tested with yum/dnf…
Public Role in SQL Server
Read the original article: Public Role in SQL Server Roles in relational databases make it easier to grant and revoke privileges from multiple users at once. Multiple users can be grouped into one or more roles in a database. Rather…
Easily Prevent More Breaches by Simply Preventing Bad Passwords
Read the original article: Easily Prevent More Breaches by Simply Preventing Bad Passwords A recent cyber-attack on the Canadian government was successful because of a well-known attack technique, credential stuffing. If you’re not familiar, credential stuffing is just taking credentials…
The Growth of Global Data Privacy Laws – Beyond GDPR & CCPA
Read the original article: The Growth of Global Data Privacy Laws – Beyond GDPR & CCPA The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California…
NTFS File Streams – What Are They?
Read the original article: NTFS File Streams – What Are They? NTFS file streams, also known as alternate data streams (ADS), are part of every file, as well as directories (folders), in a Windows NTFS volume. NTFS files and folders…
Data Subject Access Requests (DSAR) – How to Prepare & Respond
Read the original article: Data Subject Access Requests (DSAR) – How to Prepare & Respond A term popularized by the EU’s General Data Protection Regulation (GDPR), a Data Subject Access Request, also known as a DSAR, is an individual’s right…
‘Just-in-Time’ (JIT) – What Does it Mean and How Does it Get Misused?
Read the original article: ‘Just-in-Time’ (JIT) – What Does it Mean and How Does it Get Misused? Just-in-Time, JIT, or just plain old ‘Just in Time’; however you say it, we all understand its meaning – “at time requested” –…
Types of Azure Storage: Blobs, Files, Queues, Tables, & Disks
Read the original article: Types of Azure Storage: Blobs, Files, Queues, Tables, & Disks Azure Storage is Microsoft’s cloud platform for scalable, modern data storage. If the number of options overwhelms you, then keep reading. Each Azure storage offering will…
Using PowerShell Cmdlets with StealthINTERCEPT 7.1
Read the original article: Using PowerShell Cmdlets with StealthINTERCEPT 7.1 StealthINTERCEPT 7.1 ships with a library of cmdlets for PowerShell (PS) which allows PS scripts to perform a majority to the configuration and control tasks normally carried out by the…
Pro Tip – StealthINTERCEPT DB Maintenance Best Practices
Read the original article: Pro Tip – StealthINTERCEPT DB Maintenance Best Practices It is important to monitor the size of the NVMonitorData SQL database that is used by StealthINTERCEPT (SI) to store the event data it collects. In production environments,…
What is an Access Link in SharePoint Online?
Read the original article: What is an Access Link in SharePoint Online? This is what it looks like to create an access link, in this blog I will explain which settings affect what options are available on these link creation pages. SharePoint is all…
NIST Password Guidelines in 2020
Read the original article: NIST Password Guidelines in 2020 What are NIST Password Guidelines? Since 2014, the National Institute of Standards and Technology (NIST, a U.S. federal agency) has issued requirements and controls for digital identities, including authentication, passwords (known…
Lateral Movement to the Cloud with Pass-the-PRT
Read the original article: Lateral Movement to the Cloud with Pass-the-PRT There are several well-documented ways attackers and malware can spread laterally across Windows servers and desktops. Approaches like pass-the-ticket, pass-the-hash, overpass-the-hash, and Golden Tickets continue to be effective lateral…
Securing gMSA Passwords
Read the original article: Securing gMSA Passwords Abusing gMSA Passwords to Gain Elevated Access gMSA Recap If you’re not familiar with Group Managed Service Accounts (gMSA), you can review my last post which gave a high-level overview of how they…
Passwordless Authentication with Windows Hello for Business
Read the original article: Passwordless Authentication with Windows Hello for Business Passwords are everywhere and nobody likes them. Not only are they a pain to remember and manage, but they also continue to be a primary source of data breaches. …
Data Security vs Data Privacy
Read the original article: Data Security vs Data Privacy Data is quite possibly the most critical asset within any organization and is at the heart of most, if not all, cyberattacks. Organizations struggle to implement the appropriate processes to ensure…
Back to “The Basics” Blog Series – Part 3: Privileged Access
Read the original article: Back to “The Basics” Blog Series – Part 3: Privileged Access Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya” Part 3 – Privileged Access This is…
Back to “The Basics” Blog Series – Part 3: Privilege Access
Read the original article: Back to “The Basics” Blog Series – Part 3: Privilege Access Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya” Part 3 – Privilege Access This is…
Public Roles in Oracle
Read the original article: Public Roles in Oracle Roles in relational databases make it easier to grant and revoke privileges from multiple users at once. Multiple users can be grouped into one or more roles in a database. Rather than…
How to Use Native SharePoint Online and OneDrive Activity Auditing
Read the original article: How to Use Native SharePoint Online and OneDrive Activity Auditing If you are a security analyst, engineer, admin, or otherwise responsible for protecting the personal and private data of employees and customers – the following 3 statistics should…
PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks
Read the original article: PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks There are actually four (4) ProTips in this blog (Click below to go to one you want): Multiple Policy Registration in…
Stealthbits Detects More Threats & Reduces Attacker Dwell Time with New Capabilities
Read the original article: Stealthbits Detects More Threats & Reduces Attacker Dwell Time with New Capabilities Cyberattacks and data breaches are simply too common, with nearly 4,000 confirmed data breaches reported in the latest 2020 Verizon Data Breach Investigations Report.…
Back to “The Basics” Blog Series – Part 2: Active Directory
Read the original article: Back to “The Basics” Blog Series – Part 2: Active Directory Part 2 – Active Directory This is the second part of a three part series on Maersk, me, & notPetya, a blog post by Gavin…
Back to “The Basics” Blog Series – Part 2: Active Directory
Read the original article: Back to “The Basics” Blog Series – Part 2: Active Directory Part 2 – Active Directory This is the second part of a three part series on Maersk, me, & notPetya, a blog post by Gavin…
Stealthbits Detects More Threats & Reduces Attacker Dwell Time with New Capabilities
Read the original article: Stealthbits Detects More Threats & Reduces Attacker Dwell Time with New Capabilities Cyberattacks and data breaches are simply too common, with nearly 4,000 confirmed data breaches reported in the latest 2020 Verizon Data Breach Investigations Report.…
What Is Kerberos?
Read the original article: What Is Kerberos? What is it? Kerberos is an authentication protocol enabling systems and users to prove their identity through a trusted third-party. The protocol was initially developed at the Massachusetts Institute of Technology (MIT) as part of a larger project called Project Athena. Project Athena was a joint initiative of MIT,…
EU-US Privacy Shield Revoked: What This Means for EU-US Commercial Data Transfers
Read the original article: EU-US Privacy Shield Revoked: What This Means for EU-US Commercial Data Transfers Europe’s top court, the Court of Justice of the European Union, recently struck down the EU-US data privacy arrangement known as Privacy Shield, which…
Back to “The Basics” Blog Series
Read the original article: Back to “The Basics” Blog Series Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya” Part 1 – Ransomware The origins of modern ransomware trace back all…
A History of Passwords
Read the original article: A History of Passwords The following blog post was created using an excerpt from the Stealthbits Technologies/emt Distribution presentation “Prioritizing Password Security with Troy Hunt: The Good, the Bad, and the Ineffective”. Please see here to…
How to Hide API Keys, Credentials, & Authentication Tokens on GitHub
Read the original article: How to Hide API Keys, Credentials, & Authentication Tokens on GitHub With the rise of open-source, more and more public repositories are being hosted on GitHub. In fact, back in 2018 GitHub celebrated 100 million live repositories, and things have only…
What is Data Lifecycle Management?
Read the original article: What is Data Lifecycle Management? Data Lifecycle Management (DLM) can be defined as the different stages that the data traverses throughout its life from the time of inception to destruction. Data lifecycle stages encompass creation, utilization, sharing, storage, and deletion. Each stage of…
What is the SigRed vulnerability in Windows DNS Server?
Read the original article: What is the SigRed vulnerability in Windows DNS Server? What is it? SigRed, CVE-2020-1350, is a remote code execution vulnerability in the Microsoft Windows DNS server that was publicly disclosed on July 14, 2020, by Israeli…
A Guide to California Consumer Privacy Act (CCPA) Compliance in 2020
Read the original article: A Guide to California Consumer Privacy Act (CCPA) Compliance in 2020 The California Consumer Privacy Act was signed into law in 2018 and went into effect on January 1st, 2020. With the EU’s GDPR paving the way, CCPA has a significant impact on how enterprises…
A Guide to California Consumer Privacy Act (CCPA) Compliance in 2020
Read the original article: A Guide to California Consumer Privacy Act (CCPA) Compliance in 2020 The California Consumer Privacy Act was signed into law in 2018 and went into effect on January 1st, 2020. With the EU’s GDPR paving the way, CCPA has a significant impact on how enterprises…
What are Group Managed Service Accounts (gMSA)?
Read the original article: What are Group Managed Service Accounts (gMSA)? High Level Overview of GMSAs Group Managed Service Accounts Overview Group Managed Service Accounts (gMSA) were introduced in Windows Server 2016 and can be leveraged on Windows Server 2012…
The Importance of Updating Your Breach Password Dictionary
Read the original article: The Importance of Updating Your Breach Password Dictionary With breaches and cyber-attacks continually increasing every year, a constant stream of compromised passwords finds their way to the dark web for purchase and use. This should NOT…
PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT
Read the original article: PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT ALERT: If you are NOT a StealthINTERCEPT Enterprise Password Enforcer or StealthAUDIT customer, view this blog for…
What is Sensitive Data?
Read the original article: What is Sensitive Data? Sensitive data is a term that we hear quite often these days, especially as it relates to the plethora of data privacy laws that have been introduced over the past several years.…
Windows Remote WMI Security Primer for the Faint-Hearted
Read the original article: Windows Remote WMI Security Primer for the Faint-Hearted StealthAUDIT, a best in its class Data Access Governance (DAG) tool utilizes Windows Management Instrumentation (WMI) extensively to gather various pieces of information from the targeted Windows servers. …
Auditing Administrator Access Rights
Read the original article: Auditing Administrator Access Rights Identifying Administrative Privileges Across IT Resources Accounts with administrative and elevated privileges are necessary for both business and IT functions, but also represent a significant risk to your organization. Privileged credentials in…
Auditing Administrator Access Rights
Read the original article: Auditing Administrator Access Rights Identifying Administrative Privileges Across IT Resources Accounts with administrative and elevated privileges are necessary for both business and IT functions, but also represent a significant risk to your organization. Privileged credentials in…
Improving the Accuracy of Detecting Deleted Resources
Read the original article: Improving the Accuracy of Detecting Deleted Resources In the File Systems Data Collector for StealthAUDIT, we collect various types of information about files and folders including permissions, file size, activity data, sensitive data, etc. One of…
Improving the Accuracy of Detecting Deleted Resources
Read the original article: Improving the Accuracy of Detecting Deleted Resources In the File Systems Data Collector for StealthAUDIT, we collect various types of information about files and folders including permissions, file size, activity data, sensitive data, etc. One of…
Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM
Read the original article: Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the…
Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM
Read the original article: Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the…
Migrating Azure Information Protection (AIP) Classic Labels to Unified Labels
Read the original article: Migrating Azure Information Protection (AIP) Classic Labels to Unified Labels Azure Information Protection (AIP) is Microsoft’s cloud-based solution for classifying and, optionally, protecting sensitive documents and emails in both cloud and on-prem environments. AIP is a…
Reduce PAM Switching Costs With Bring-Your-Own-Vault – Leverage Your Existing Password Vault
Read the original article: Reduce PAM Switching Costs With Bring-Your-Own-Vault – Leverage Your Existing Password Vault Why Do Many PAM Deployments Fail or Fall Short of Expectations? Complexity and optimism of scalability. Fail may be too strong of a word,…
Reduce PAM Switching Costs With Bring-Your-Own-Vault – Leverage Your Existing Password Vault
Read the original article: Reduce PAM Switching Costs With Bring-Your-Own-Vault – Leverage Your Existing Password Vault Why Do Many PAM Deployments Fail or Fall Short of Expectations? Complexity and optimism of scalability. Fail may be too strong of a word,…
Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud
Read the original article: Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures…
An Amazon Macie Alternative
Read the original article: An Amazon Macie Alternative If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool…
An Amazon Macie Alternative
Read the complete article: An Amazon Macie Alternative If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool…
Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud
Read the complete article: Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures…
Bypassing MFA with Pass-the-Cookie
Multi-factor Authentication (MFA) is a great way to increase security on web applications, remote desktop sessions, VPN, and virtually anywhere a user can log into. By introducing one or more additional factors into the authentication process you can prove somebody actually…
What is a Data Breach and How to Prevent One
Data breach. There are fewer times that two simple words invoke so many fearful thoughts in the mind of a C-level executive. How did it happen? What was taken? What are we going to do? Who was responsible? There are…
What is a Data Breach and How to Prevent One
Data breach. There are fewer times that two simple words invoke so many fearful thoughts in the mind of a C-level executive. How did it happen? What was taken? What are we going to do? Who was responsible? There are…
What is the Principle of Least Privilege (POLP)? – Definition and Best Practices
As part of a sound security structure, one of the most basic things a company can do is implement a principle of least privilege model within their organization. This blog will explain what this means and how this security model…
What is the Principle of Least Privilege (POLP)? – Definition and Best Practices
As part of a sound security structure, one of the most basic things a company can do is implement a principle of least privilege model within their organization. This blog will explain what this means and how this security model…
Sensitive Data Discovery for Compliance
The industrial revolution began in the late 18th century and revolutionized the manufacturing process; in a similar manner, the digital revolution happening now is fundamentally changing the way that organizations conduct business. The Digital revolution is all about the digital…
What are Browser Cookies and How do They Work?
If you have ever surfed the web, you have almost certainly encountered browser cookies among your digital travels. Although for some they may be a nuisance, for the majority browser cookies are an essential part of the internet experience, often…
What are Browser Cookies and How do They Work?
If you have ever surfed the web, you have almost certainly encountered browser cookies among your digital travels. Although for some they may be a nuisance, for the majority browser cookies are an essential part of the internet experience, often…
Just-in-Time Privileged Access Doesn’t Mean Reduced Standing Privileges
Just-in-time (JIT) is the latest new buzz word in the world of Privileged Access Management (PAM). ‘Just-In-Time Access’, ‘Just-In-Time Privilege’, ‘Just-In-Time Privilege Access’ an internet search brings up a multitude of vendors offering clickbait as to why their solution is…
Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access Management
Typically, security is improved at the expense of convenience. Two-factor Authentication disrupts a user for another authentication factor in addition to a password. Signing-in and getting a guest badge with the lobby security guard before meeting a prospective client may be secure but is not very convenient. I…
How to Set Up a VPN Tunnel to Microsoft Azure
Microsoft Azure offers different variations of the SQL databases that can be deployed based on the workload and complexity requirements as follows: Azure SQL Databases – This is a fully managed SQL database engine created using the latest version of…
SMBv3 Vulnerability Explained
SMBGhost What Happened? This week, Microsoft accidentally published information around a newly identified vulnerability in SMBv3, which is being dubbed SMBGhost. This vulnerability can lead to remote code execution on the server, which is always a major concern as far…
Protip: How to Setup User Activity & Database Logon Scans in StealthAUDIT for Oracle
StealthAUDIT for Oracle can monitor database user activity in all your Oracle databases. In addition, it can also enumerate and report on user permissions, database configuration, conduct a vulnerability assessment and can help you discover and report on sensitive data…
Ready for Microsoft’s LDAP Changes? What You Need to Know
What is Changing? In March, Microsoft will be releasing a patch that includes new audit events, additional logging, and some changes to group policy settings. Later in 2020, Microsoft will be changing the behavior of the default values for LDAP…
Ready for Microsoft’s LDAP Changes? What You Need to Know
What is Changing? In March, Microsoft will be releasing a patch that includes new audit events, additional logging, and some changes to group policy settings. Later in 2020, Microsoft will be changing the behavior of the default values for LDAP…
Best Practices for Storage Reclamation – Part 3 of 3
In parts 1 and 2 of this blog series, we introduced the key elements of a storage reclamation program and dove deeply into 5 key capabilities that would be needed. In this last blog, we pull all of the guidance…
Best Practices for Storage Reclamation – Part 2 of 3
In part 1 of this series, we explained that there are 5 key capabilities needed for a successful file cleanup project, and discussed Capability 1 – File Discovery, and 2 – Sensitive data discovery. In this second blog we pick…
Best Practices for Storage Reclamation – Part 2 of 3
In part 1 of this series, we explained that there are 5 key capabilities needed for a successful file cleanup project, and discussed Capability 1 – File Discovery, and 2 – Sensitive data discovery. In this second blog we pick…
Microsoft LDAP Channel Binding and Signing Patch
Discovery Solution for Microsoft’s March 2020 Update Lightweight Directory Access Protocol (LDAP) – How did we get here? 20 years ago, I embarked on the fantastical journey that was migrating from NT4 to Active Directory. This is also when I…
Best Practices for Storage Reclamation – Part 1 of 3
Data Access Governance (DAG) has many different types of use cases, with most falling into three main categories: data security, regulatory compliance, and operational efficiency. There has been a lot written about security due to the increasing frequency of ransomware…
Best Practices for Storage Reclamation – Part 1 of 3
Data Access Governance (DAG) has many different types of use cases, with most falling into three main categories: data security, regulatory compliance, and operational efficiency. There has been a lot written about security due to the increasing frequency of ransomware…
What is SMBv1 and Why You Should Disable it
Eternally Affected What is SMB? Server Message Block (SMB) is a protocol used primarily for sharing files, printer services, and communication between computers on a network. The history of SMB is long, so I’ll try to keep this short and…
What is SMBv1 and Why You Should Disable it
Eternally Affected What is SMB? Server Message Block (SMB) is a protocol used primarily for sharing files, printer services, and communication between computers on a network. The history of SMB is long, so I’ll try to keep this short and…
Cleaning Up Unused Service Accounts – Part 2: Detecting Common Locations Where Service Accounts Are Used
In this post, I will continue the series for how to do a service account clean up in Active Directory by going into details of common locations in a Windows OS that can be used to configure service accounts as…
Improve the Efficiency and Automation of AD Object Rollback and Recovery in StealthRECOVER 1.5
Why is Active Directory (AD) so Important to Protect? The health and operational integrity of AD has a direct impact on the overall security of your organization. The capability to rollback and recover from unwanted changes is a critical requirement…
Constrained Delegation Abuse: Abusing Constrained Delegation to Achieve Elevated Access
Kerberos Delegation Recap Previously, I gave an overview of all of the various types of Kerberos delegation, how they’re configured, and how they can potentially be abused. Prior to that, I wrote about abusing resource-based constrained delegation and Jeff Warren…
Improve AD Security – Block Unauthorized Activities & Strengthen Passwords with StealthINTERCEPT 7.0
Nearly everyone uses Microsoft’s Active Directory (AD), over 90% in fact[1], to manage user accounts and provide authentication and access to the majority of organizational resources. Microsoft tells us that 95 million AD accounts are under attack every day[2]. The…
ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer
I have had the benefit of visiting a number of customers to understand how they use our products. Specifically, how they use the breach password dictionary in StealthINTERCEPT Enterprise Password Enforcer. Many actively manage their breach password database to prevent…
An Oracle DBA’s Guide to Microsoft SQL Server Security
In today’s world, it is quite common for companies to use more than one type of relational database platform to host enterprise applications. If you are an old-time Oracle DBA like me and are asked to administer Microsoft SQL Servers…
Cleaning Up Unused Service Accounts Series – Part 1: Overview of the Process
What is a Service Account? In this blog post, I won’t go too much into the details of service accounts but will class a service account as a user, Managed Service Account or a Group Managed Service Account which is…
What is Kerberos Delegation? An Overview of Kerberos Delegation
Kerberos Delegation and Usage Kerberos delegation has been around for a long time (Windows Server 2000 to be exact), but more often than not, when speaking to engineers who manage or work with Active Directory, they’re not familiar with all…