Microsoft Active Directory

Overview

Microsoft’s Active Directory (AD) is the most widely used authentication and authorization solution globally, forming the backbone of identity management in 80% of modern enterprises. Despite the rise of cloud-based identity providers, AD remains integral due to its deep-rooted presence. However, AD's default permissive settings and decades of configurations by different generations of admins make it vulnerable to attacks. According to Microsoft Digital Defense Report 2022, 88% of customers impacted by cyber incidents had “insecure AD configuration”. In addition, enterprises often employ a hybrid approach, using both cloud-native and on-premises identity solutions from various vendors, which makes monitoring and detection even more challenging.

Lack of visibility in AD deployments is a significant security challenge. The goal of the Microsoft Active Directory integration is to help Cisco Identity Intelligence customers protect their AD deployments and gain full visibility into their hybrid and on-prem environments.