Jason Crabtree, QOMPLX CEO and co-founder, was interviewed by Chuck Harold, host of SecurityGuyTV.com, for Episode 1592. They discussed Kerberos and Active Directory security vulnerabilities.
In the interview, Crabtree explained how Active Directory is designed to figure out ‘who can do what to whom’ in an IT environment. Maintaining that web of connections is one of the major challenges for an organization, he said.
Active Directory in turn relies on Kerberos for the security of its transactions and QOMPLX defends against Kerberos exploitations.
One of the biggest mistakes organizations make is assuming "users are who they say they are," Crabtree told Harold in the interview, noting the ability of attackers to impersonate legitimate, credentialed users. "Anything built on this assumption is fundamentally flawed."
QOMPLX focuses on large-scale analytics and operational risk in particular. The company works to monitor and validate Kerberos, and does so for some of the world’s premier brands.
Watch the full interview here.