Guardians of the Directory

Guardian of the Directory

Available Episodes

5 of 5
  • Active Directory's Dark Side: Underbelly Threats and Shadowy Permissions
    In this episode of Guardians of the Directory, Craig Birch and Derek Melber delve into the complexities of Active Directory security, focusing on the stealthy threats posed by shadow permissions, DCShadow, and DCSync. They discuss the historical context of these vulnerabilities, the role of applications in creating shadow permissions, and the importance of cleaning up orphaned SIDs. The conversation also covers best practices for managing service accounts and highlights critical areas within Active Directory that administrators should monitor. The episode concludes with actionable recommendations for improving security posture.
    Key Takeaways
      • Active Directory is a critical component of identity infrastructure.
      • Shadow permissions can be exploited by attackers without detection.
      • Many organizations lack visibility into their Active Directory permissions.
      • Cleaning up orphaned SIDs is essential for security.
      • Service accounts should have strong passwords and limited privileges.
      • Regular audits of Active Directory are necessary to identify risks.
      • Applications can inadvertently create shadow permissions.
      • Understanding the baseline permissions is crucial for security.
      • PowerShell can be a powerful tool for managing Active Directory.
      • Start with small changes to improve security posture.
    --------  
    35:43
  • Hacked Hallways: Cyber Threats in K-12 Education
    Summary
    This conversation delves into the critical issue of cybersecurity in K-12 education, highlighting the vulnerabilities schools face due to budget constraints, lack of training, and the unique challenges of supporting a diverse student population. Jason, an IT expert, shares insights on the value of school data to cybercriminals, recent case studies of cyber attacks, common attack methods, and the importance of having robust recovery plans and security measures in place. The discussion emphasizes the need for schools to be proactive in their cybersecurity efforts to protect sensitive information and ensure the safety of their students.
    Key Takeaways
      • K-12 schools are increasingly targeted by cybercriminals due to their vulnerabilities.
      • Budget constraints often lead to compromised security in educational institutions.
      • Student information systems contain valuable data that can be exploited by attackers.
      • Recent cyber attacks have caused significant disruptions in school operations.
      • Phishing and password stuffing are common attack methods in schools.
      • Implementing multi-factor authentication is challenging in K-12 environments.
      • Schools need a solid cybersecurity response plan to handle incidents effectively.
      • Backup plans are essential for maintaining educational continuity during cyber incidents.
      • IT departments must document and test recovery plans regularly.
      • Being proactive in cybersecurity can deter potential attackers.
    --------  
    40:14
  • Active Directory Recovery Post Ransomware
    In this episode of Guardians of the Directory, Craig Birch and Chad Nichols discuss the critical steps needed to recover from a ransomware attack that targets Active Directory. They explore the challenges organizations face during such attacks, the importance of having a solid recovery strategy, and the lessons learned from real-world experiences. The conversation emphasizes the need for preparedness, security measures during recovery, and the implementation of best practices to prevent future attacks.
    Takeaways
      • Active Directory is the backbone of the network.
      • Ransomware attacks can encrypt all systems quickly.
      • Assessing damage post-attack is crucial.
      • Recovery strategies must be well-planned.
      • Traditional backup solutions may not suffice.
      • Isolating infected systems is essential during recovery.
      • New accounts should be created for privileged users post-recovery.
      • Implementing zero trust security policies is vital.
      • Regular testing of recovery procedures is necessary.
      • Learning from past experiences can improve future responses.
    --------  
    35:58
  • Trailer: Guardians of the Directory: Defending the Backbone of Enterprise Security
    In this inaugural episode of Guardians of the Directory, join Craig Birch, Principal Security Engineer and Technical Evangelist at Cayosoft, as he introduces himself and the mission of this podcast dedicated to Active Directory (AD) and Entra ID management, security, and recovery. With over two decades of experience in identity security and a passion for helping AD administrators and security professionals alike, Craig dives into the critical role AD and Entra ID play in today’s enterprise environments. Why focus on a technology that’s been around for 24 years? AD and Entra ID remain at the core of over 90% of organizations worldwide, often becoming prime targets for cyber attackers who seek privilege escalation paths. Each episode, Craig will share actionable insights, best practices, and expert interviews on topics ranging from AD basics to advanced defense strategies. Whether you're an AD admin, security expert, or curious learner, tune in bi-weekly for updates on key challenges and emerging solutions. Subscribe to Guardians of the Directory wherever you get your podcasts and stay one step ahead in protecting your organization’s backbone. Stay guarded, stay informed—be the Guardian of your directory!
    --------  
    2:03
  • Beyond Defense: Why Traditional Defenses against Ransomware Fail
    Summary
    In this episode of Guardians of the Directory, Craig Birch and Mike Brennan discuss the evolving landscape of cybersecurity, particularly focusing on identity security and the challenges organizations face in preventing ransomware attacks. They explore the inadequacies of traditional security measures, the importance of proactive strategies, and the need for continuous monitoring and modern recovery solutions. The conversation emphasizes the necessity for organizations to rethink their security approaches to effectively combat the growing threat of ransomware.
    Takeaways
      • Organizations are still struggling with stopping ransomware attacks despite having security solutions in place.
      • Ransomware is evolving, and traditional defenses are often inadequate.
      • Endpoint protection is challenging due to the proliferation of devices and remote work.
      • Vulnerability management is hindered by inconsistent patching and the speed of zero-day exploits.
      • Privileged Access Management (PAM) is crucial but often overlooked in identifying all privileged accounts.
      • Multi-Factor Authentication (MFA) is not a silver bullet and has its limitations.
      • SIEM systems can be overwhelmed by alerts and may not detect sophisticated attacks.
      • Pen testing provides valuable insights but should be complemented with continuous monitoring.
      • Backup and recovery strategies need to be proactive and air-gapped to prevent reinfection.
      • Organizations must adopt a holistic approach to security, focusing on identity and access management.
    Chapters
      • 00:00 Introduction to Identity Security and Ransomware Threats
      • 03:02 The Evolution of Cybersecurity Defenses
      • 06:04 Endpoint Protection Challenges
      • 08:59 Vulnerability Management and Patching Issues
      • 11:57 The Importance of Privileged Access Management
      • 14:56 Understanding Multi-Factor Authentication Limitations
      • 18:13 The Role of SIEM in Modern Security
      • 22:03 Pen Testing and Continuous Monitoring
      • 27:06 Backup and Recovery Strategies
      • 36:03 Conclusion: Rethinking Security Approaches
    --------  
    38:54

About Guardians of the Directory

Guardians of the Directory is the podcast for everything Active Directory security, management, and recovery. Join us as we dive into best practices, recent security events, listener Q&As, and expert interviews to equip you with the skills needed to protect your AD environment. Whether you’re an IT pro or a cybersecurity enthusiast, each episode delivers actionable insights to help you stay informed and secure. Become a Guardian of the Directory and tune in to strengthen your defenses!
v7.1.1 | © 2007-2024 radio.de GmbH
Generated: 12/27/2024 - 2:53:51 AM