Singularity™ Identity VS Active Directory

This demonstration simulates a threat actor leveraging LOLBins to assess a targeted environment. The attacker uses operating system commands and Active Directory access to discover more information. We will look at how an attacker can easily access identity data, given access to a single device in the victim network. From there, we will see how Singularity Identity detects such attempts and what level of information is available on the console.

A threat actor leverages LOLBins (NLTEST, NET GROUP, NET LOCALGROUP, SYSTEMINFO) to assess the targeted environment.

Singularity™ Identity Protects Active Directory