Active Directory — The “Keys to The Kingdom”


Best practices in assessing the security of your Active Directory infrastructure

Active Directory is typically the primary system that attackers go after once they gain initial access into an environment. They scan and leverage Active Directory to perform reconnaissance, escalate privileges, access data and persist in the environment. Simply put, Active Directory contains the “keys to the kingdom” and if not well protected, it can compromise the security of any organization.

This webcast, “Active Directory, The Keys to The Kingdom,” offers insights into why Active Directory attacks occur — including how a lack of visibility and control over your Active Directory infrastructure can leave your organization susceptible to attack. You’ll also learn the other factors that can increase your risk of an Active Directory attack including the role IT hygiene plays in strengthening defenses. The webcast offers guidance on how to identify attack vectors and provides insights and best practices that can define the role of Active Directory security assessment in mitigating and remediating these damaging attacks.

Featured Speakers

Sean Metcalf

Founder, CTO, Trimarc

Sean Metcalf is founder and principal consultant at Trimarc a professional services company that focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a former Microsoft MVP, and has presented on Active Directory attack and defense at Black Hat, BSides, DEF CON, DerbyCon, Microsoft BlueHat, Shakacon and Walmart Sp4rkCon security conferences. He currently provides security consulting services to customers and regularly posts interesting Active Directory security information on his blog,

Brandon Finney

Manager, Services, CrowdStrike

Brandon Finney has over 15 years of experience in the computer security industry, including a career within the U.S. Department of Defense. As a Manager for CrowdStrike, Brandon is responsible for providing expert knowledge to CrowdStrike’s IR, compromise and technical assessments. In addition, Brandon leads the CrowdStrike Services Red Team.

Prior to his work at CrowdStrike, Brandon was a subject matter expert supporting the U. S. DOD. In this role, he was responsible for leading technical projects that enhanced the DoD’s technical ability to defend against cyberattacks on the United States.

Brandon earned a bachelor’s degree in computer science from Morgan State University and a master’s degree in security informatics from Johns Hopkins University. Brandon is a certified information systems security professional (CISSP) and a certified ethical hacker (CEH).

James Perry

Manager, Services, CrowdStrike

James Perry is an incident response manager for CrowdStrike Services. Based out of Washington D.C, James leads customer engagements focused on threat hunting, responding to cyber incidents and helping clients develop proactive strategies for responding to incidents before they experience a breach. James has over 12 years of experience in incident response, threat hunting, digital forensics and enterprise intrusion remediation.

Prior to joining CrowdStrike, James was a chief technologist at a large consulting firm where he advised senior executives on cyber defense strategies and implementations and led a team of technical staff that performed intrusion investigations, malware hunting and design and operation of security operations centers. James’ responsibilities included managing incident response investigations, adversary hunt activities, delivering security training and developing cyber defense strategies to contain, remediate and recover from cyber incidents for large public and private enterprises.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center