ABOUT

trimarc dragao removebg.png

Trimarc: From Trimarcisia, “feat of three horsemen,” was an ancient Celtic military cavalry tactic where there was always a rider ready to mount the horse of a fallen soldier.

Trimarc was named based on this approach - even if the initial mitigation fails, there are additional defensive layers to back that up.

Trimarc is a professional services company based out of Washington, DC that helps organizations secure their Microsoft platform, both on-premises and in the cloud. Founded by Sean Metcalf, a Microsoft Certified Master in Active Directory, Trimarc's mission is to help organizations better secure their critical IT infrastructure.

We focus on a “reality-based security model” which targets attacker tactics and how to best stop them. Our methodology identifies security issues in an organization attackers could exploit to fully compromise the environment and provide custom recommendations to effectively mitigate these issues.
 

Trimarc works on continuously developing defensive strategies to combat evolving attack techniques. We focus on defensive layers within the enterprise – while any single defense may fail, there are others that compensate for this and provide additional detection and/or mitigation for that area.

Our "sales calls" don't include marketing slides or slick sales pitches; we just want to hear about your concerns and challenges. If what we do aligns with what you need, we can talk about scoping and next steps!

 

Trimarc in the Press

2021

Cloud Backup and Cloud Storage Guide

https://news.yahoo.com/cloud-backup-cloud-storage-guide-100001772.html

 

6 vulnerabilities Microsoft hasn’t patched (or can’t)

https://cybersecdn.com/index.php/2021/08/11/6-vulnerabilities-microsoft-hasnt-patched-or-cant/

 

CISA Launches JCDC, the Joint Cyber Defense

https://www.infosec-magazine.com/cisa-launches-jcdc-the-joint-cyber-defense/

 

Black Hat: New CISA Head Woos Crowd With Public-Private Task Force

https://threatpost.com/cisa-head-woos-security-crowd/168426/

 

Reproducing the Microsoft Exchange Proxylogon Exploit Chain

https://www.praetorian.com/blog/reproducing-proxylogon-exploit/

2020

 

Top 7 Hybrid Active Directory Security Sessions You Must Attend at Microsoft Ignite

https://www.quest.com/community/blogs/b/microsoft-platform-management/posts/top-7-hybrid-active-directory-security-sessions-you-must-attend-at-microsoft-ignite

 

Hybrid cloud complexity, rush to adopt pose security risks, expert says

https://www.csoonline.com/article/3571172/hybrid-cloud-complexity-rush-to-adopt-pose-security-risks-expert-says.html

 

2019


How Cybercriminals Break into the Microsoft Cloud

https://www.darkreading.com/cloud/how-cybercriminals-break-into-the-microsoft-cloud

 

2018

 

Exploring, Exploiting Active Directory Admin Flaws

https://www.darkreading.com/vulnerabilities-threats/exploring-exploiting-active-directory-admin-flaws

 

W32.COOZIE: DISCOVERING ORACLE CVE-2018-3253

https://www.trustedsec.com/blog/w32-coozie-discovering-oracle-cve-2018-3253/

 

 

2017

 

Advanced Techniques Attackers Use to Crack Passwords

https://resources.infosecinstitute.com/topic/advanced-techniques-attackers-use-crack-passwords/

 

 

2016

 

Respect: Windows 10 security impresses hackers

https://www.csoonline.com/article/3107239/respect-windows-10-security-impresses-hackers.html

 

Windows PowerShell 5.0 Expected To Add Improved Security

https://redmondmag.com/Articles/2016/02/24/PowerShell-Improved-Security.aspx

 

Improved Security Coming to Windows PowerShell 5.0

https://mcpmag.com/articles/2016/02/24/improved-security-powershell.aspx

 

22 tips for preventing ransomware attacks

https://www.itworldcanada.com/article/22-tips-for-preventing-ransomware-attacks/380246

 

IT not doing enough to secure Active Directory, says expert

https://www.itworldcanada.com/article/it-not-doing-enough-to-secure-active-directory-says-expert/380201