This post has been de-listed
It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.
Just want to ask if something is normal with the results of a recent pen test we have engaged. The company sent a laptop to be placed on our network and after a week they gave us notice they were unable to gain a foothold and asked for a domain account to begin testing from a compromised account perspective. A few days later they say they were unable to obtain domain admin and asked to have the test account elevated to DA to see if they could get into Azure. They successfully got into Azure AD with this domain admin account and we now have a critical finding on our report for a potentially compromised AD.
Am I braindead or is this ridiculous? Like of course Iād expect a DA to be able to do everything?
Subreddit
Post Details
- Posted
- 3 months ago
- Reddit URL
- View post on reddit.com
- External URL
- reddit.com/r/AskNetsec/c...