We've rebranded! Find out more about our rebrand to LRQA Nettitude here
Select Page

Active directory security assessment

Securing active directory – the attacker’s perspective

Active Directory (AD) is the centre of many organisations’ Identity and Access Management (IAMs), so it plays a key part in safeguarding business interests. Given AD’s innate ties to IAMs, it commonly forms part of cyber attack paths. By being proactive in defence, organisations can slow attackers down, reduce lateral movement opportunities, increase the chance of detection, and reduce chances for credential theft.

Why conduct an active directory assessment?

Active Directory is an extensive and nuanced product, with a significant attack surface and continued research efforts.

The increased focus on security community research and the inclusion of AD attacks in threat actor playbooks shows that it is critical to conduct baseline hardening of insecure defaults and maintain point-in-time visibility of the attack surface.

By partnering with LRQA Nettitude, you gain experienced red team knowledge of attacker tactics, techniques, and procedures (TTPs) and an understanding of what works in modern enterprise environments.

Our security assessments can complement and reinforce existing assurance activities such as penetration testing. However, whereas broad-scoped penetration testing aims to locate a breadth of vulnerabilities across an entire infrastructure, a focused AD security review provides nuanced, pragmatic guidance that will make a meaningful difference in stopping attackers who have gained a foothold in the environment.

LRQA Nettitude’s active directory security audit

Our active directory security assessments are only conducted by experienced red team consultants, who have been operating in large, intercontinental networks for years.

Due to the specialist nature of this work and the large amount of data needing to be gathered and analysed, the testing, data gathering, and discussion with the technical staff phase usually takes two working weeks for a large enterprise environment. There will be three to five days extra for producing the technical deliverables. Certain nuances around heavily segregated or very large environments may increase this time, but we can discuss the details with you.

We will produce a full technical report that details each area for improvement and the underlying reasons. A technical summary for IT leadership will also detail any thematic observation, with each technical finding coming with detailed recommendations to increase the protective and detective posture of the network. Where complex topics and concepts are conveyed, we provide additional reading and supporting scripts and tools to understand the scope of the issue within the network, as well as proof of concept snippets (if required).

LRQA Nettitude can conduct this audit with conventional domain user privileges or from an elevated context.

This package of work can be undertaken on a standalone basis, or as part of a wider enterprise infrastructure security assessment. This can be complemented with password strength audits as well as an investigation into the configuration of System Centre Configuration Manager (SCCM), and Active Directory Certificate Services (ADCS).

Why choose LRQA Nettitude?

  • We have been conducting on-premise and cloud security testing for decades.
  • We were part of the original group of companies selected by the Bank of England to conduct financial service red teaming under the CBEST scheme.
  • We are trusted to conduct penetration testing against government systems and critical national infrastructure.
  • We are counted upon globally to conduct long simulated attacks against central banks.
  • We ensure we stay at the forefront of enterprise security through dedicated research time and exposure to global networks.
  • Our clients trust us to deliver accurate, realistic, and workable solutions.
  • We provide top-tier training workshops to other red teamers, technical staff, and executive leadership.
  • All our consultants understand the challenges that enterprise-scale can bring and can assist with developing a plan of incremental improvements to mature your security posture continually.

The World Leader in CREST Accreditations

We are proud to be the only organisation in the world with a full suite of CREST accreditations.
(CREST – The Council of Registered Ethical Security Testers)

The Council of Registered Ethical Security Testers (CREST)

Our team of consultants have achieved the highest accreditations for Penetration Testing, Red Teaming, Incident Response services and Threat Intelligence. In addition, we were also the first organisation to be CREST accredited for our Security Operation Centre services.

Active directory security assessment

Securing active directory – the attacker’s perspective

Active Directory (AD) is the centre of many organisations’ Identity and Access Management (IAMs), so it plays a key part in safeguarding business interests. Given AD’s innate ties to IAMs, it commonly forms part of cyber attack paths. By being proactive in defence, organisations can slow attackers down, reduce lateral movement opportunities, increase the chance of detection, and reduce chances for credential theft.

Why conduct an active directory assessment?

Active Directory is an extensive and nuanced product, with a significant attack surface and continued research efforts.

The increased focus on security community research and the inclusion of AD attacks in threat actor playbooks shows that it is critical to conduct baseline hardening of insecure defaults and maintain point-in-time visibility of the attack surface.

By partnering with LRQA Nettitude, you gain experienced red team knowledge of attacker tactics, techniques, and procedures (TTPs) and an understanding of what works in modern enterprise environments.

Our security assessments can complement and reinforce existing assurance activities such as penetration testing. However, whereas broad-scoped penetration testing aims to locate a breadth of vulnerabilities across an entire infrastructure, a focused AD security review provides nuanced, pragmatic guidance that will make a meaningful difference in stopping attackers who have gained a foothold in the environment.

LRQA Nettitude’s active directory security audit

Our active directory security assessments are only conducted by experienced red team consultants, who have been operating in large, intercontinental networks for years.

Due to the specialist nature of this work and the large amount of data needing to be gathered and analysed, the testing, data gathering, and discussion with the technical staff phase usually takes two working weeks for a large enterprise environment. There will be three to five days extra for producing the technical deliverables. Certain nuances around heavily segregated or very large environments may increase this time, but we can discuss the details with you.

We will produce a full technical report that details each area for improvement and the underlying reasons. A technical summary for IT leadership will also detail any thematic observation, with each technical finding coming with detailed recommendations to increase the protective and detective posture of the network. Where complex topics and concepts are conveyed, we provide additional reading and supporting scripts and tools to understand the scope of the issue within the network, as well as proof of concept snippets (if required).

LRQA Nettitude can conduct this audit with conventional domain user privileges or from an elevated context.

This package of work can be undertaken on a standalone basis, or as part of a wider enterprise infrastructure security assessment. This can be complemented with password strength audits as well as an investigation into the configuration of System Centre Configuration Manager (SCCM), and Active Directory Certificate Services (ADCS).

Why choose LRQA Nettitude?

  • We have been conducting on-premise and cloud security testing for decades.
  • We were part of the original group of companies selected by the Bank of England to conduct financial service red teaming under the CBEST scheme.
  • We are trusted to conduct penetration testing against government systems and critical national infrastructure.
  • We are counted upon globally to conduct long simulated attacks against central banks.
  • We ensure we stay at the forefront of enterprise security through dedicated research time and exposure to global networks.
  • Our clients trust us to deliver accurate, realistic, and workable solutions.
  • We provide top-tier training workshops to other red teamers, technical staff, and executive leadership.
  • All our consultants understand the challenges that enterprise-scale can bring and can assist with developing a plan of incremental improvements to mature your security posture continually.

The World Leader in CREST Accreditations

We are proud to be the only organisation in the world with a full suite of CREST accreditations.
(CREST – The Council of Registered Ethical Security Testers)

The Council of Registered Ethical Security Testers (CREST)

Our team of consultants have achieved the highest accreditations for Penetration Testing, Red Teaming, Incident Response services and Threat Intelligence. In addition, we were also the first organisation to be CREST accredited for our Security Operation Centre services.

Protect your Organisation with LRQA Nettitude’s
Award-Winning Cybersecurity Services

Speak to one of our cybersecurity experts now…

Protect your Organisation with LRQA Nettitude’s Award-Winning Cybersecurity Services

Speak to one of our cybersecurity experts now…