3 types of attack paths in Microsoft Active Directory environments

From helpnetsecurity.com

The answer is usually “Yes,” which doesn’t make them feel better. However, what does often cheer them up is learning that many of those attack paths can be fixed quickly and easily, now that the security team knows they exist.

Attack path types

From the perspective of a defender, there are three types of attack paths:

  • Ones that can be fixed in minutes
  • Ones that take days or weeks to resolve, and
  • Ones that can’t be fixed without significant structural changes or breaking critical software.

Here’s some background to help understand why they break down into those categories.

Read more…