Description

You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!

Links

• Active Directory Certificate Services
• Windows Hello for Business
• Certified Pre-Owned
• Microsoft Defender for Identity
• Secure Privileged Access
• Pass the Hash
• Microsoft Cloud PKI for Microsoft Intune
• Microsoft Entra Conditional Access
• Microsoft Autopilot
• Ron's Blog

Recorded February 6, 2026