Active Directory or often described as the ”backbone” of identities, which has been around for 20 years. Is publicly known for managed poorly, and because of this. Attackers have taken their advantages.
Since there is a lot of information on the internet on how you can use open-source tools to attack AD. It should not be a surprise anymore if attackers were going after Active Directory.
Because all of this. Organizations need to audit their own environment to discover insecure configurations and address them. It is very easy to find misconfigurations if nobody has ever looked to it. Yes, especially. Organizations who have outsourced their entire IT.
ADSA provides a great foundation to find (common) misconfigurations, but it not only limited to that. It provides both technical and non-technical recommendations on improving the security posture.
ADSA is an improved version of the Active Directory Security Fundamentals, which goes a bit more into the details. It does not immediately means that an organization will be 100% secure, if all the recommendations are followed.
Nevertheless, everything has been tested in an environment, and it is recommended to test stuff first, before deploying changes in production.