Metrics That Matter: An Attacker’s Perspective on Assessing Password Policy

After compromising a Windows domain controller, one of the actions that NodeZero, our autonomous pentest product, performs is dumping all domain user password hashes from the Active Directory database. This is a common attacker technique, and the resulting dump is highly valuable to attackers. But did you know that this data is a great source of insight for defenders too?

The post Metrics That Matter: An Attacker’s Perspective on Assessing Password Policy appeared first on Horizon3.ai.

The post Metrics …

blog identity & access matter metrics password password policy passwords policy