The industry problem (what are we addressing)
Created by Microsoft in the 90s, Active Directory (AD) was developed in an era that faced a limited number of cyberthreats. During that time, AD Security was adequate but hardly amazing. What was once seen as a repository for company secrets and connected users across organisations has now been weaponised to hold organisations at ransom or, worse, brought to their knees.
While the cyberthreat landscape progressed, AD did not. Despite companies going through mergers, acquisitions, and organic growth, the same AD configurations were in place from 10 years prior. This meant that IT and security teams have faced the mounting task of ensuring AD security is up to date and that all users and groups have correct permissions and secure passwords to close security gaps.