Aad

SmartConX  APIs are backed by AAD authentication. The SmartConX services are all protected by oAuth2 authentication backed by AAD service

 Azure Active Directory (Azure AD) is Microsoft’s enterprise cloud-based identity and access management (IAM) solution. Azure AD is the backbone of the Office 365 system, and it can sync with on-premise Active Directory and provide authentication to other cloud-based systems via OAuth.

 Active Directory lives on-premise in servers called Domain Controllers (DC). Each DC contains a catalog of users and computers that are authorized to access resources on the network. Users authenticate to DCs via Kerberos or NTLM authentication.

 AD security is one of our favorite topics because many attacks the Varonis Incident Response team researches involve AD at some point in the cyber kill chain. It could be a simple brute force attack to crack an old NTLM password or a privilege escalation attempt to take over an administrator account. AD security has been the topic of many conference talks and we even wrote a comprehensive guide to pen testing your AD environment to ensure its resilience to common off-the-shelf attacks.