Join Quest at Microsoft Ignite
It’s that time of year again: Microsoft Ignite is coming November 2-4, 2021! Just like the previous year, the event will be virtual once again and you’ll leave with a greater knowledge of the latest t...
Testing the Recovery from DCShadow Attacks
MITRE ATT&CK reports that a “rogue” domain controller could be used to manipulate data in Active Directory. This attack, known as a DCShadow attack, requires you to have administrative rights, but als...
Change Auditor 7.1: What’s New
Change Auditor’s much anticipated 7.1 release is here – and we’re excited. Change Auditor’s capabilities give customers the peace of mind they deserve, and the latest release further expands on these ...
Data gleaned from patches: 2018 in review, part 5
You made it! Here’s the fifth and final post in this series on lessons learned from 2018, all of which are based on a webcast I hosted with Microsoft MVP and Windows security expert Randy Franklin Smi...
Equifax breach: 2018 in review, part 4
Welcome back to my series of blog posts on the key cybersecurity lessons we need to take to heart from 2018. The posts draw from a webcast I hosted with Microsoft MVP and Windows security expert Randy...
NotPetya: 2018 in review, part 3
In this series of posts, I’m reviewing some of the key cybersecurity lessons we should take away from 2018. I covered them in a webcast that I did with Microsoft MVP and Windows security expert Randy ...
Hardening IT Security using DISA STIGs and Quest GPOAdmin
Active Directory (AD) is the beating heart of any Microsoft environment — authenticating users, authorizing access to resources and much more. A critical part of AD is Group Policy, which provides cen...
Spectre and Meltdown: 2018 in review, part 1
Welcome to the first in a series of blog posts in which we’ll review some of the big threat headlines from 2018 and see what we can learn to prepare for 2019. It’s all based on a webcast that I did wi...
Flash: 2018 in review, part 2
Welcome back to this series of blog posts on cybersecurity lessons learned from 2018. In my previous post, I covered the Meltdown and Spectre vulnerabilities. Today, let’s turn our attention to a pers...
How to Secure Active Directory Using the NIST Cybersecurity Framework
Currently 30% of companies in the United States are using the NIST Cybersecurity Framework to manage risks with projections of 50% by the year 2020 (https://iapp.org/news/a/the-future-of-the-nist-cybe...
Quest product mapping to NIST Cybersecurity Framework and DFS Cybersecurity regulation
In reviewing the DFS Cybersecurity regulation Section 500.02, I immediately began thinking of the NIST Framework. Section B has several subsections that map to NIST: Identify Risks Identify Defen...
Advantages of an Active Directory Auditing Agents
Understanding the architecture of a product is vital for a customer in deciding if it is a good fit for their organization. Over the years, we've seen debates on whether agent-based or agent-less sol...