On-demand Webinar

Exploring The Critical Blind Spots of Privileged Access: Service Accounts & MFA in Active Directory

Privileged access is at the top of the list in every organization’s cybersecurity discussions. With threat actors focusing on credentials to enable initial access and lateral movement, it’s critical that every organization figure out ways to protect accounts with elevated privileges.

Most have appropriately turned to Multi-Factor Authentication as the means by which to secure accounts, but there is a blind spot that exists in this strategy where privileges are ample – service accounts.

If we’re honest with ourselves, we all know that service accounts – those accounts we’ve all granted some of the highest levels of privileges to – are the least protected when it comes to ensuring they aren’t misused. Passwords are rarely changed, MFA isn’t possible, and yet these accounts have administrative access to entire subsets of your environment.

This scenario creates a quandary that needs to be solved. Exactly how much risk is created by privileged service accounts with no MFA in place? And how can you put controls in place to ensure that these accounts aren’t being misused by threat actors?

In this webinar, 4-time Microsoft MVP, Nick Cavalancia discusses:

  • The risk of privileged service account access
  • Current attack paths
  • Why MFA can’t be used on service accounts
  • What MITRE says about these kinds of attacks

In addition, Yiftach Keshet, Director of Product Marketing from Silverfort discusses what is the service account attack surface and how service accounts have been incorporated in recent high-profile attacks. Topics covered, include:

  • What makes service accounts hard to track, monitor, and protect?
  • What are the built-in gaps in MFA coverage in an AD environment that make it vulnerable to lateral movement?
  • How do the MFA and service account gaps mount up together to form an exposed and intensively targeted attack surface?

Share this post