LDAP is a heavily used communication protocol within AD, most commonly used to query information from AD to facilitate authentication and authorization processes. However, LDAP queries can be burdensome from a performance perspective when improperly configured, and attackers can use them for nefarious purposes while performing reconnaissance, which makes insight into the LDAP queries being run in an environment a necessity for both operational and security purposes. Unfortunately, native LDAP logging within AD is kludgy, noisy, and highly resource intensive, making it highly challenging for many administrators to make heads or tails of the data they capture, if they can at all.
A user’s account password is often the only thing standing between an attacker and the data they want to access. As a result, it is critical that users choose strong, unique passwords to mitigate the risk of account compromise through brute force and other password guessing attacks.
Unfortunately, one of the largest security challenges organizations face is changing their password policy. Not only is it difficult to modify end-user behavior, but the controls just are not available natively within AD to ensure users are creating passwords that are truly unique.
With this latest release, STEALTHbits allows users to implement a password policy using an “audit-only” mode that verifies whether the password supplied during a change is compliant with the desired policy, rather than only rejecting it.