Low Hanging Hacker Fruit
This gist focuses on (relatively) free and (relatively) easy things organizations can do to better protect their networks without buying yet another black box with blinking lights.
Got some ideas of your own that should be on this list? Please leave a comment below!
Implementing a stronger AD password policy
Microsoft has a great paper on the topic that gives some nice high-level recommendations:
- Use a unique password per site
- Enable complexity
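
To see whether complexity is actually enforced everywhere, here is a read-only audit added as an example (not part of the original gist or of Microsoft's paper). It assumes the ActiveDirectory RSAT module and an account that can read the Password Settings Container; the function name `Get-PasswordComplexityReport` is hypothetical.

```powershell
# Added example: read-only audit of where password complexity is (not) enforced.
# Assumes the ActiveDirectory module (RSAT) and a domain-joined session.
Import-Module ActiveDirectory

function Get-PasswordComplexityReport {
    $rows = @()

    # Default Domain Policy: applies to every account not covered by a PSO.
    $default = Get-ADDefaultDomainPasswordPolicy
    $rows += [pscustomobject]@{
        Scope                = 'Domain default'
        Name                 = (Get-ADDomain).DNSRoot
        Precedence           = $null
        ComplexityEnabled    = $default.ComplexityEnabled
        MinPasswordLength    = $default.MinPasswordLength
        ReversibleEncryption = $default.ReversibleEncryptionEnabled
        AppliesTo            = 'Accounts without a PSO'
    }

    # Fine-grained password policies (PSOs) override the domain default for
    # the users and groups they apply to, so a strict default can be undone here.
    foreach ($pso in Get-ADFineGrainedPasswordPolicy -Filter *) {
        $rows += [pscustomobject]@{
            Scope                = 'Fine-grained (PSO)'
            Name                 = $pso.Name
            Precedence           = $pso.Precedence
            ComplexityEnabled    = $pso.ComplexityEnabled
            MinPasswordLength    = $pso.MinPasswordLength
            ReversibleEncryption = $pso.ReversibleEncryptionEnabled
            AppliesTo            = ($pso.AppliesTo -join '; ')
        }
    }
    return $rows
}

$report = Get-PasswordComplexityReport
$report | Format-Table -AutoSize -Wrap

# Flag every policy that leaves complexity off or stores reversible passwords.
$weak = $report | Where-Object { -not $_.ComplexityEnabled -or $_.ReversibleEncryption }
foreach ($w in $weak) {
    Write-Warning "$($w.Scope) '$($w.Name)': ComplexityEnabled=$($w.ComplexityEnabled), ReversibleEncryption=$($w.ReversibleEncryption)"
}

# Remediation for the domain default, left commented out so the audit stays read-only:
# Set-ADDefaultDomainPasswordPolicy -Identity (Get-ADDomain).DNSRoot -ComplexityEnabled $true
```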