Episode 184 | Active Directory Isn't Dead. It's Just Undefended.
Active Directory isn't dead. 86% of organizational workloads still touch it, and nearly 20% of organizations won't reach hybrid status for 10-20+ years. In this episode, Brad and Spencer break down why Active Directory attack paths are still one of the most critical threats facing organizations today, and what defenders can actually do about it. Spencer also previews his ContinuumCon workshop "Killing AD Attack Paths Once and For All" where he demonstrates how authentication policies and silos can completely eliminate an entire class of lateral movement attacks inside Active Directory.

0:00 – Is Active Directory really dead? The stats that prove otherwise
1:58 – What 86% of workloads still touching AD really means
3:39 – Why moving away from Active Directory is harder than it sounds
5:13 – ContinuumCon workshop preview: Killing AD Attack Paths Once and For All
6:21 – Who can use authentication policies and silos (hint: most of you)
9:36 – Why attackers love neglected Active Directory environments
10:44 – What is an Active Directory attack path?
14:28 – Attack path prerequisites: access, credentials, targets, and weak controls
17:12 – Layered defense: why one control isn't enough
19:42 – Tools for finding AD attack paths: Bloodhound, PingCastle, Purple Knight, Locksmith, ADelegator
24:37 – How to prioritize remediations: ease of exploitation vs. impact
27:17 – Fix, retest, repeat — why retesting is the most important step

🎟️ Catch Spencer's ContinuumCon workshop "Killing Active Directory Attack Paths Once and For All" – Fri. June 12, 10:30am PT / 1:30pm ET: https://continuumcon.com/schedule/

📖 Show notes & resources: offsec.blog | securit360.com

#ActiveDirectory #CyberSecurity #PenTesting #BloodHound #DefensiveSecurity


