AD Protect

When your employees change their passwords or log in to Active Directory, specific records are requested from our database for verification on your systems. The provided plugin is integrated directly into your Active Directory and prevents the choice of compromised passwords.

To do this, we continuously search for stolen credentials on the entire internet, analyze them and store the findings in our leak database. AD Protect maintains the anonymity of your users at all times and ensures that it is not possible to set a leaked password.

Planning

Together we plan the deployment of AD Protect within your company and according to your needs. Directly integrated into the Active Directory, protection against compromised passwords is setup within a few steps. Account registrations and password changes are protected as each credential is tested for hits in our leak database without additional software on end-user devices. The checking of credentials only takes place on your infrastructure and is fully compliant with the GDPR.

Effective Protection

If a password selected by the user is already compromised, it is automatically detected and the selection is prevented. Multifactor authentication does not protect adequately if one factor is already known to the attacker. Even with multifactor authentication, secure your initial first factor to effectively protect your company from account takeover attacks.

Compliance

With AD Protect, you can comply with basic requirements of the BSI IT-Grundschutz-Kompendium.

Measures SHALL be taken to detect password compromise. – Module ORP.4 Identity and Authorization Management

Installation

You will receive a ready-to-install plugin to install on your Active Directory system. After a short configuration, it transparently extends the existing password requirements of your existing Active Directory system. All user data remain in your infrastructure, as well as the results of the risk evaluation. You retain full control over the runtime and operational environment at all times.

Asynchronous and Precise Fit

Each query is run against our most recent leak database. You are always provided with up-to-date leak data and therefore have the best possible protection.