Report: Active Directory Certificate Services a big security blindspot on enterprise networks

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

As the core of Windows enterprise networks, Active Directory, the service that handles user and computer authentication and authorization, has been well studied and probed by security researchers for decades. Its public key infrastructure (PKI) component, however, has not received the same level of scrutiny and, according to a team of researchers, deployments are rife with serious configuration mistakes that can lead to account and domain-level privilege escalation and compromise.

[ Check outthe password hall of shame (and 10 tips for better password security) | Get the latest from CSO by signing up for our newsletters. ]

To read this article in full, please click here



Support the originator by clicking the read the rest link below.