Detects Corporate Breaches
Before Attackers Do

The first proactive solution that provides instant pain relief for Active Directory infrastructures - the common denominator of targeted cyber attacks.

Active Directory: The Main Target of Every Attack

In any organisation, Active Directory is the system that supports and provides access to all vital information and assets. Because this system is in constant mutation, breaches are unknowingly opened on a regular basis, making it the most vulnerable part of an organization's IT security. As a matter of fact, every modern cyber attack exploits Active Directory.

Corporate
Security
Forgotten Key
Asset
APT #1 Target
Learn more

Real-Time Protection:
Anticipating Security Breaches

Leveraging upon sophisticated and extensive expertise, Alsid is able to comprehensively monitor the security status of Active Directory in real-time.
Alsid detects security breaches before attackers do, and provides guidance to prevent and remediate threats - rather than fixing the damage caused after an attack has happened.

Proactive
Solution
Decision Maker
Oriented
Active Threat
Intelligence
Learn more

Alsid Prevents Targeted Attacks

A packaged and automated solution that monitors in real-time the security of Active Directory infrastructures, no matter how complex.

Active Directory Monitoring

Continuous supervision and
measurement of threat level exposure

Learn more

Active Threat Intelligence

Ever-evolving solution that identifies
every new attack scenario

Learn more

Dynamic Security Dashboards

Consolidated
and contextualised view of risk

Learn more

They Trust Alsid

Alsid Insights

Alsid is expanding in Asia

Alsid is targeting the APJ region with the opening of a regional head office in Hong Kong as well as the launch of a technical delivery team in Malaysia to support new client contracts and regional partnerships.

Learn more

SingHealth hack#2: a more in-depth dive

In a previous post, we have tried to tell, in layman’s words, the tale of the now-infamous SingHealth hack. Today we take this discussion a step further.  A deep read through the 453-page report released by the Committee of Inquiry (COI) on January 10th allows for a safe assumption: the attack indeed reached a turning point when it succeeded compromising SingHealth’s Active Directory (AD). But what exactly went wrong with this critical infrastructure? 

Learn more

Abusing S4U2Self: Another Sneaky Active Directory Persistence

As part of the recent publication of Elad Shamir’s work on Kerberos delegation (“Wagging the Dog - Abusing Resource-Based Constrained Delegation to Attack Active Directory”), Alsid is publishing a series of blogposts deepening the uncovered new attack vectors and shedding a light on pragmatic solution for Blue Teams trying to measure the impact of this breakthrough on their Active Directory infrastructure. This second publication will be focused on Kerberos’ S4U2Self extension. In his paper Shamir describes a new Active Directory backdoor based on this unsung functionality. This blogpost will examine how this technique can be extended to target different types of AD accounts after describing how an attacker would deploy and use such a backdoor. Using the opposite delegation direction, we will then describe another possible loophole. We will end with specific details and considerations to help security teams protecting themselves against those scenario.

Learn more

Kerberos Resource-Based Constrained Delegation: a new control path

This article is part of a series that explore new ways to compromise an Active Directory. The series follows an outstanding paper published by Elad Shamir: “Wagging the Dog - Abusing Resource-Based Constrained Delegation to Attack Active Directory”. The first article will focus on an AD objects ownership and permissions, the next one will address the backdoor aspect of the new-found persistence technique.

Learn more

Get In Touch

Explore how Alsid can boost your organisation’s IT security and give you better peace of mind.

Contact us