Register today for Zero Trust World 2026!
Date:  
Jul 15, 2025
Time:  
11:00 am
EDT
CDT

100 days to secure your environment webinar series: Week 10

Week 10: Security audits

This week’s session was packed with even more actionable strategies to help harden your environment.

What we covered in week 10:

  • Audit domain accounts  
  • Audit and set fine-grained password policies  
  • Enable Group Policy auditing  
  • Disable mDNS
  • Enable LDAP signing requirements

Copy the PowerShell Scripts

#Get all users
Import-Module ActiveDirectory
 
Get-ADUser -Filter * -Properties LastLogonTimeStamp, MemberOf |
Select-Object Name, SamAccountName,
    @{Name="LastLogonDate";Expression={[DateTime]::FromFileTime($_.LastLogonTimeStamp)}},
    @{Name="Groups";Expression={
        ($_.MemberOf | ForEach-Object {
            ($_ -split ',')[0] -replace '^CN='
        }) -join '; '
    }} |
Sort-Object LastLogonDate

#Get Domain admins
Import-Module ActiveDirectory
 
# Get members of the Domain Admins group
Get-ADGroupMember -Identity "Domain Admins" -Recursive |
Where-Object { $_.objectClass -eq "user" } |
ForEach-Object {
    Get-ADUser $_ -Properties LastLogonTimeStamp, MemberOf
} |
Select-Object Name, SamAccountName,
    @{Name="LastLogonDate";Expression={[DateTime]::FromFileTime($_.LastLogonTimeStamp)}},
    @{Name="Groups";Expression={
        ($_.MemberOf | ForEach-Object {
            ($_ -split ',')[0] -replace '^CN='
        }) -join '; '
    }} |
Sort-Object LastLogonDate

#See which users do not have a fine-grained password policy
Import-Module ActiveDirectory
 
# Get all users
$allUsers = Get-ADUser -Filter * -Properties msDS-ResultantPSO
 
# Filter users with no PSO applied
$excludedUsers = $allUsers | Where-Object { -not $_.'msDS-ResultantPSO' }
 
$excludedUsers | Select-Object Name, SamAccountName

A quick note

This webinar series is designed to be as technology-agnostic as possible. You don’t need ThreatLocker to participate, but it certainly helps.

If you want to follow along more easily, we’d be happy to help you get started with a ThreatLocker agent. Just book a demo to chat with a ThreatLocker Solutions Engineer and get a 30-day free trial to the entire ThreatLocker platform.

Stay on track

Download the week 10 checklist on this page to keep up with key tasks and harden your environment step by step.

Missed previous weeks? 

You can get caught up here.

REGISTER TODAY

WATCH THE WEBINAR

watch the replay

Additional RESOURCES

Access the additional downloadable resource that will help you make the most of this webinar.  

Whether you're starting from zero or organizing an inherited environment, this tactical checklist will help you fully secure your environment step by step.

watch more webinars

100 days to secure your environment webinar series: Week 15
Cybersecurity readiness for out-of-office downtime
100 days to secure your environment webinar series: Week 14

Webinar Speakers

Hear from our industry experts
No items found.

Webinar Speakers

Hear from our industry experts
No items found.

FREQUENTLY ASKED QUESTIONS

How many webinars are there in this series?

There are 15 webinars, each approximately one hour long including an audience Q&A. If you put one webinar's recommendations per week, you will complete the series in approximately 100 days.

Who is this series for?

This series is for IT professionals ready to take control of their environment, whether you've just inherited one, are rebuilding from the ground up, or need to scale and secure what’s already in place.

Do I have to watch all 15 webinars sequentially?

No, you can implement the recommendations in all or only a few of the sessions, but we do recommend watching all of them in order, as we often build on the previous week's efforts.

Is there a cost associated with this series?

No, the entire series, including the additional downloadable resources, is completely free.

Do I get a badge or certificate once I complete the webinar series?

Unfortunately, the badge was only available for people who attended the sessions live in May-August 2025.

Request your 30-day trial to the entire ThreatLocker platform today.

Try ThreatLocker