Active Directory Delegation Dissected



Thursday, May 17, 2018
11:00AM-12:00PM PDT
60 MINUTES, INCLUDING Q&A




Active Directory Delegation Dissected, by Owen Shearing
Active Directory Delegation Dissected - Securing Centrify's Active Directory Delegations, by Robertson Pimentel

Delegation of Active Directory administration duties is often recommended by security organisations, and Microsoft themselves have been pushing for the use of the least privilege principle for quite some time. But what exactly is AD delegation and how can these configurations potentially be abused?

In this webcast, NotSoSecure will show that delegated rights should not be overlooked in a security assessment. A case study will be used to demonstrate how we can detect and understand the impact of these potential logical flaws, and we'll continue through a series of events to see how an attacker can manipulate users and groups to potentially gain access to sensitive company data or even view juicy LAPS and BitLocker attributes. The end goal, surprisingly, might not be the ever-sought-after Domain Admin crown.

Key takeaways:

  • Understand the implications of Active Directory Delegated permissions
  • Learn how to easily identify and mitigate issues (blue team perspective)
  • Understand that the goal of an attacker may not always be Domain or Enterprise Administrator accounts

Guest Presenter:

Owen Shearing

Owen Shearing has worked in the IT industry for a number of years, the last 7 specifically within security. He is an Associate Director at NotSoSecure, a specialist IT security company delivering high-end IT security consultancy and training. Owen has delivered NotSoSecure training courses at Black Hat Asia, USA and EU over the past couple of years. He runs the blog rebootuser.com and has authored tools which can be found at github.com/rebootuser.



Sponsor Presenter:

Robertson Pimentel

Robertson Pimentel, CISSP, CISM, Product Manager, Centrify, has 20 years of work experience focused on many areas: IT Infrastructure, Identity and Access Management, Project Management, People Development/Competency Development and Quality Assurance. These days his goals are to be able to contribute to a breadth of subjects and see quick and meaningful results. His interests lie in Access Controls and the impact of security controls on organizational productivity.
