Documentation Request a Demo

Blog

Insights on identity risk, attack paths, compliance, and security operations strategy - from the Forestall research team.

Featured Articles

Best PracticesApr 13, 2026

Increasing Identity Resilience: Disabling NTLMv1 with a Step-by-Step Guide

Active DirectoryNTLMv1NTLM

Active DirectoryJun 10, 2025

CVE-2025-33073: A New Technique for Reflective NTLM Relay Attack

Active DirectoryNTLM RelayCVE-2025-33073

Active DirectoryMay 23, 2025

Privilege Escalation by Abusing dMSA: The BadSuccessor Vulnerability

Active DirectoryPrivilege EscalationBadSuccessor

Best PracticesApr 13, 2026

Increasing Identity Resilience: Disabling NTLMv1 with a Step-by-Step Guide

Active DirectoryNTLMv1NTLM

Active DirectoryJun 10, 2025

CVE-2025-33073: A New Technique for Reflective NTLM Relay Attack

Active DirectoryNTLM RelayCVE-2025-33073

Active DirectoryMay 23, 2025

Privilege Escalation by Abusing dMSA: The BadSuccessor Vulnerability

Active DirectoryPrivilege EscalationBadSuccessor

Active DirectoryOct 08, 2024

Understanding ESC15: A New Privilege Escalation Vulnerability in Active Directory Certificate Services (ADCS)

Active DirectoryADCSESC15

Attack PathsFeb 27, 2022

Combined Attack Path Analysis with BloodHound and Kangal

BloodHoundActive DirectoryAttack Paths

Threat AnalysisMay 20, 2021

How to Secure Kerberos Authentication Protocol

KerberosActive DirectoryAuthentication

Best PracticesMar 15, 2021

How to Secure Active Directory Service Accounts

Active DirectoryService AccountsKerberoasting

Get insights for your environment.

Start with a 1-day Proof of Value in your own environment.

Blog | Forestall