FireEye CEO Kevin Mandia testifies during a Senate Intelligence Committee hearing on Capitol Hill on February 23, 2021 in Washington, DC. FireEye owns Mandiant, founded by Mandia, which released research Tuesday about the need to lock down Active Directory Federation Services. (Photo by Drew Angerer/Getty Images) Mandiant Tuesday posted a blog detailing a new attack strategy against Microsoft’s Active Directory Federation Services (AD FS). Researchers with the company believe the need to protect AD FS might be the unheralded second lesson from the SolarWinds campaign. The main lesson organizations drew from the SolarWinds campaign was the need to protect against third-party risk and address supply chain security. Hackers that the United States linked to Russian Intelligence used a gimmicked update to the SolarWinds IT management software and other vectors to take over a variety of government agencies and private organizations.