Securing Active Directory Certificate Services with Ron Arestia

About Show #1023

You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!

Recorded February 6, 2026

 

Ron Arestia has been active in information technology for 30 years, with a career spanning industries such as government, finance, logistics, and healthcare. He has spent the last seven years with Microsoft, starting as a Premier Field Engineer, then content developer, Cloud Solution Architect, and now a security researcher with Microsoft DART. He specializes in identity and security, focused on Active Directory Domain and Certificate Services and Entra ID. He has delivered proactive engagements across these technologies to hundreds of customers and specializes in security hardening of Microsoft products.
 
