Why Kerberoasting Still Matters For Security Teams
Varonis, Thursday, June 19th, 2025
Sometimes the old ones are best... avoided. Explore Kerberoasting and how it remains a relevant attack method.
Kerberoasting isn't a new concept; It has been written about extensively, and its mitigation strategies are well documented. It remains one of the most common and successful techniques to gain credentials and move laterally that we see in real-world attacks.
In nearly every Windows domain compromise our Forensics Team investigated last year, Kerberoasting was attempted, and often succeeded.
While this is not a cutting-edge technique, Kerberoasting's prevalence, success rate, and impact are still relevant, so we feel it's important to bring this technique back into focus.
Let's dive in.