Tips to harden Active Directory against SolarWinds-type attacks

The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do so, they must first gain privileged access to a network to access the certificates used to sign SAML objects. 

You have several means with Microsoft’s Active Directory (AD) to identify this and other techniques used in the SolarWinds attack and prevent them from happening.

Read more at CSO on line Tips to harden Active Directory against SolarWinds-type attacks