Alsid is expanding in Asia
Alsid is targeting the APJ region with the opening of a regional head office in Hong Kong as well as the launch of a technical delivery team in Malaysia to support new client contracts and regional partnerships.
Learn more
Detects Corporate Breaches
Before Attackers Do
The first proactive solution that provides instant pain relief for Active Directory infrastructures - the common denominator of targeted cyber attacks.
News
- Discover Alsid for AD
- SingHealth hack explained
- Alsid is expanding in Asia
- Alsid is expanding in Asia
- SingHealth hack#2: a more in-depth dive
- Abusing S4U2Self: Another Sneaky Active Directory Persistence
- Kerberos Resource-Based Constrained Delegation: a new control path
- SingHealth hack explained
- Forrester AD report - A spotlight on a critical component of your business
- DCShadow explained: A technical deep dive into the latest AD attack technique
Active Directory: The Main Target of Every Attack
In any organisation, Active Directory is the system that supports and provides access to all vital information and assets. Because this system is in constant mutation, breaches are unknowingly opened on a regular basis, making it the most vulnerable part of an organization's IT security. As a matter of fact, every modern cyber attack exploits Active Directory.
Corporate
Security
Security
Forgotten Key
Asset
Asset
APT #1 Target
Real-Time Protection:
Anticipating Security Breaches
Leveraging upon sophisticated and extensive expertise, Alsid is able to comprehensively monitor the security status of Active Directory in real-time.
Alsid detects security breaches before attackers do, and provides guidance to prevent and remediate threats - rather than fixing the damage caused after an attack has happened.
Proactive
Solution
Solution
Decision Maker
Oriented
Oriented
Active Threat
Intelligence
Intelligence
Alsid Prevents Targeted Attacks
A packaged and automated solution that monitors in real-time the security of Active Directory infrastructures, no matter how complex.
Active Directory Monitoring
Continuous supervision and
measurement of threat level exposure
Active Threat Intelligence
Ever-evolving solution that identifies
every new attack scenario
They Trust Alsid
Alsid Insights
SingHealth hack#2: a more in-depth dive
In a previous post, we have tried to tell, in layman’s words, the tale of the now-infamous SingHealth hack. Today we take this discussion a step further. A deep read through the 453-page report released by the Committee of Inquiry (COI) on January 10th allows for a safe assumption: the attack indeed reached a turning point when it succeeded compromising SingHealth’s Active Directory (AD). But what exactly went wrong with this critical infrastructure?
Learn moreAbusing S4U2Self: Another Sneaky Active Directory Persistence
As part of the recent publication of Elad Shamir’s work on Kerberos delegation (“Wagging the Dog - Abusing Resource-Based Constrained Delegation to Attack Active Directory”), Alsid is publishing a series of blogposts deepening the uncovered new attack vectors and shedding a light on pragmatic solution for Blue Teams trying to measure the impact of this breakthrough on their Active Directory infrastructure. This second publication will be focused on Kerberos’ S4U2Self extension. In his paper Shamir describes a new Active Directory backdoor based on this unsung functionality. This blogpost will examine how this technique can be extended to target different types of AD accounts after describing how an attacker would deploy and use such a backdoor. Using the opposite delegation direction, we will then describe another possible loophole. We will end with specific details and considerations to help security teams protecting themselves against those scenario.
Learn moreKerberos Resource-Based Constrained Delegation: a new control path
This article is part of a series that explore new ways to compromise an Active Directory. The series follows an outstanding paper published by Elad Shamir: “Wagging the Dog - Abusing Resource-Based Constrained Delegation to Attack Active Directory”. The first article will focus on an AD objects ownership and permissions, the next one will address the backdoor aspect of the new-found persistence technique.
Learn moreGet In Touch
Explore how Alsid can boost your organisation’s IT security and give you better peace of mind.
Contact us