Roman Blachman

Recent Posts

Advisory: Flaw in Azure AD Connect Software Can Allow Stealthy Admins to Gain Full Domain Control

Posted by Roman Blachman on Dec 12, 2017 9:42:26 AM

Authors: Roman Blachman, Yaron Zinar.
We recently reviewed a customer’s network and found that 85%(!) of all users in the network had some unnecessary administrative privilege. The excessive privilege stemmed from an indirect inclusion in a
protected admin group. Most Active Directory audit systems easily alert on excessive privileges, but will often miss users who have elevated domain privileges directly through domain discretionary access control list (DACL) configuration. We refer to these users as stealthy admins.

Read More

Topics: Credential Compromise, Stealthy Admin, Azure AD Connect, Security Advisory, Microsoft

6 Tips for Securing Privileged Accounts in the Enterprise

Posted by Roman Blachman on Jul 8, 2016 1:09:01 PM

I recently wrote an article for @CloudExpo Journal about why staying on top of privileged accounts should be a priority for organizations.  I thought I would share a condensed version of these insights here in the Preempt blog.

Read More

Topics: CISO, Privileged Users, Privileged Accounts