Microsoft's Active Directory is used by many businesses as a way of managing identity services and controlling access.

But if it's not configured correctly it can lead to security risks. But how dangerous is this and what can enterprises do to keep themselves safe? We spoke to Andy Robbins, technical product architect at SpecterOps to find out.

Active Directory, the directory-based identity services platform, is used by 90 percent of enterprises worldwide making it an attractive target for hackers.

New research part sponsored by Attivo Networks and conducted by Enterprise Management Associates (EMA) shows half of organizations experienced an attack on Active Directory in the last two years, with over 40 percent saying the attack was successful.

Ransomware has hit the headlines in recent months with attacks on infrastructure and supply chains closing down operations. But ransomware has the potential to be even more devastating if it’s spread via Active Directory, as demonstrated by the SolarWinds attack.

We talked to Derek Melber, chief technology and security strategist of Tenable to find out more about AD attacks and how to combat them.

As we saw in the recent SolarWinds attack, Active Directory can be exploited as a means of attacking corporate networks.

But why is AD such an attractive target? And why are companies struggling to secure it even though it's hardly a new technology? We spoke to Carolyn Crandall, chief security advocate at AttivoNetworks to find out.

Microsoft Active Directory (AD) is used by 90 percent of enterprises as the primary source of trust for identity and access, but it's also exploited in many cyberattacks.

Since AD is rarely safeguarded effectively, attackers have come to depend on weak configurations to identify attack paths, access privileged credentials and get a foothold in target networks.