Supply chain attack analysis
After multiple breaches caused by supply chain attacks – the most well known being the SolarWinds breach – it’s high time to look at the risks this poses to your infrastructure. When adalanche is augmented with data from local machines, you can search based on installed software. This tells you what is impacted if a particular piece of software is compromised through an update or a vulnerability.
Certificate Template Security
Letting users enroll in dangerous published Certificate Templates can grant them a way to pose as any user in Active Directory, and is a very common misconfiguration we find. Write permissions on Certificate Templates can weaponize any Certificate Template, letting attackers become anyone they want. You can let adalanche do the heavy lifting of analyzing these paths.
Reaching Domain Admin
The most popular search (and the one adalanche defaults to when you launch it) is “Who are or can become Domain Admin”. The graph shows you all users, groups or computers that can end up taking over your entire Active Directory infrastructure.
Tiering model validation
With cross control plane tiering validation, you can ensure that your tiering is set up correctly. With unlimited tiers and the possibility of parallel tiers, the options are limitless. It doesn’t matter if the tiering violation is in Active Directory, in vCenter or in CyberArk – if it’s defined in the model, you can validate it. Every tiering violation will show up in a report, making remediation both easy and possible.