An old document that I had removed from my previous website, but since people have asked for it. I have decided re-post my Active Directory Security Assessment (ADSA) documentation.
ADSA provides a clear ”how-to” guidance to apply common best practices to improve the security of AD. The purpose of this documentation was mainly meant for IT Auditors to have a basic reference. It covers topics, such as backups, detection, risk assessment, misconfigurations, and so on.
Keep in mind that this document is not a silver bullet, because it is primary focusing on the basics and common misconfigurations that exists in a typical AD environment. You still have to validate stuff by yourself and test carefully when applying a security change.
Thanks to The Cyber Security Hub™ it has reached a lot of attention and views, which makes me proud to see, so that’s why I’ve decided to re-post it again.
You can download the PDF here:
Other resources that I would recommend everyone to check out are the following: