As any security practitioner will tell you, trying to close exposures in Microsoft’s Active Directory (AD) is like trying to fill in the holes of a constantly morphing block of Swiss cheese. Because Active Directory’s configuration is in a continual state of flux, bad actors perpetually find new ways to exploit vulnerabilities to achieve their illicit aims. It’s no wonder that the top Active Directory security posture concern for most IT security practitioners is unknown AD vulnerabilities, followed closely by known but unaddressed AD vulnerabilities, according to new research conducted by Enterprise Management Associates on behalf of Semperis.