The lateral movement stage of an intrusion depends critically on a limited number of techniques and procedures associated with account and service discovery, account compromise, service exploitation and the mapping of internal services and data stores to identify suitable targets for actions on objectives. Microsoft Active Directory plays a key role in many of these steps.
Weaknesses in the configuration of Active Directory make many of the techniques associated with lateral movement feasible. Yet many organisations fail to discover, monitor and address the attack paths that these weaknesses offer attackers. In this session, we’ll consider how to assess attack paths through Microsoft Active Directory. We’ll also discuss some of the most common weaknesses found in enterprise installations of Active Directory.