EPISODE · Feb 11, 2026 · 44 MIN
Securing Active Directory Certificate Services with Ron Arestia
from RunAs Radio · host Ron Arestia, Richard Campbell
You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!LinksActive Directory Certificate ServicesWindows Hello for BusinessCertified Pre-OwnedMicrosoft Defender for IdentitySecure Privileged AccessPass the HashMicrosoft Cloud PKI for Microsoft IntuneMicrosoft Entra Conditional AccessMicrosoft AutopilotRon's BlogRecorded February 6, 2026
What this episode covers
You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!
NOW PLAYING
Securing Active Directory Certificate Services with Ron Arestia
No transcript for this episode yet