Identity is the new perimeter – and attackers know it. Breaches don’t end with the first compromise. Adversaries move laterally through Active Directory (AD), abusing “legitimate” protocols like NTLM, Kerberos, RDP, and SSH that most tools mistake for normal traffic.
The problem: AD doesn’t natively enforce MFA on these protocols. Common hops – PsExec, PowerShell, WMI, even service-to-service authentications – go unchecked. Sprawling service accounts, stale credentials, and privilege creep create blind spots that attackers exploit to escalate access and jump between on-prem and cloud resources.
Silverfort field research shows hybrid AD environments are full of undocumented accounts and unmanaged identities – prime targets for attackers. It’s clear: perimeter controls and bolt-on MFA aren’t enough.
In this webinar, you’ll learn about topics, including:
- The state of identity-based attacks and why credentials remain the weapon of choice
- How lateral movement drives modern breaches
- Why common tools (vaults, legacy MFA, basic logging) leave gaps
Additionally, Rob Larsen – Security Advisor at Silverfort will dive deep into topics such as:
- Identity Attack Paths – Real-world abuse of unmanaged service accounts, over-privileged credentials, and MFA blind spots
- AD Protocols & Lateral Movement – How NTLM, Kerberos, RDP, and SSH enable privilege escalation while evading defenses
- Securing Privileged & Service Accounts – Using analytics to uncover high-risk identities and enforce adaptive MFA
- Extending MFA Everywhere – Protecting legacy servers, Unix systems, and automated scripts with policy-based MFA