 Active Directory security: Why we fail and what auditors missSylvain Cortes
Cyber Security: A Peer-Reviewed Journal, 2022, vol. 6, issue 1, 41-51 Abstract: The task of a security auditor is not an easy one. Organisations depend heavily on regular audits to analyse and evaluate the risks related to their IT assets. Unfortunately, traditional auditing methods do not adequately assess the latent risks present in Active Directory (AD). This paper will help readers understand the specific challenges and pitfalls associated with auditing AD and to adapt the method to avoid a false sense of security. It concludes that it is critical to maximise auditing assignments to obtain a clear and precise view of the important remediation tasks to come. Keywords: audit; auditor; active directory; security; ransomware; malware; lateral movement; privileges escalation; domain dominance; backdoor (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2022:v:6:i:1:p:41-51 Access Statistics for this article More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.