Given that approximately 90% of the world’s enterprises use Active Directory (AD) as their primary authentication and authorization platform for organizations running Windows, it is no surprise that AD is a key target for cybercriminals. Most known attacks targeting AD accounts are conducted by attackers pursuing horizontal kill chains with pass-the-hash, golden-ticket and related techniques that utilize authentication protocols such as NTLM and Kerberos.