all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

At the Edge of Tier Zero: The Curious Case of the RODC

Add to bookmarks
Jan. 25, 2023, 2:36 p.m. | Elad Shamir

Security Boulevard securityboulevard.com

The read-only Domain Controller (RODC) is a solution that Microsoft introduced for physical locations that don’t have adequate security to host a Domain Controller but still require directory services for resources in those locations. A branch office is the classic use case.


While RODCs, by definition, are not part of the set of resources that can control “enterprise identities”, known as Tier Zero, we have seen cases where there is a privilege escalation path from an RODC to domain dominance. …

active directory security application security case cases control definition directory directory services domain domain controller don edge enterprise host identities microsoft office penetration testing physical red team resources security services social engineering solution the edge use case

Visit resource

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs 11 hours ago | securityboulevard.com
access authors bing bugs +16
The Real Risk is Not Knowing Your Real Risk: Perspectives from Asia Pacific Tour with … 1 day, 1 hour ago | securityboulevard.com
asia asia pacific balbix customer +15
DD2345 Military Critical Technical Data Agreement and CMMC 1 day, 2 hours ago | securityboulevard.com
agreement business can cmmc +9
Airsoft Data Breach Exposes Data of 75,000 Players 1 day, 3 hours ago | securityboulevard.com
airsoft attack surface authentication breach +31
Get SOAR Savvy Before RSAC 2024: 5 Reads to Level Up Your SOC 1 day, 3 hours ago | securityboulevard.com
and response automation check d3 security +24
Cloud Monitor Automation Thwarts Phishing & Malware Emails 1 day, 4 hours ago | securityboulevard.com
automation chief cloud cybersecurity +27
MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’ 1 day, 6 hours ago | securityboulevard.com
computing conference eve francisco +19
Palo Alto Networks Extends SASE Reach to Unmanaged Devices 1 day, 7 hours ago | securityboulevard.com
alto devices devops devsecops +20
USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations 1 day, 7 hours ago | securityboulevard.com
access authors channel conference +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

DevSecOps Engineer

@ Material Bank | Remote
View on infosec-jobs.com

Instrumentation & Control Engineer - Cyber Security

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Consultant

@ Tenable | MD - Columbia - Headquarters
View on infosec-jobs.com

Management Consultant - Cybersecurity - Internship

@ Wavestone | Hong Kong, Hong Kong
View on infosec-jobs.com

TRANSCOM IGC - Cybersecurity Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States
View on infosec-jobs.com

Manager, Security Operations Engineering (EMEA)

@ GitLab | Remote, EMEA
View on infosec-jobs.com
View more jobs