top of page
The HUB
Featured Posts
Limiting Domain Controller Attack Surface: Why less services, less software, less agents = less exposure.
This article is a guide to making the best-informed decisions by companies asking the right questions.
Scott Blake
Oct 8, 20245 min read
Securing The Chink in Kerberos’ Armor, FAST! Understanding The Need For Kerberos Armoring
35 years after the first public version of Kerberos, attacks on it are still coming fast and furious. Time to armor up.
Darryl Baker
Jul 16, 20247 min read
Return of The LDAP Channel Binding and LDAP Signing
It has been over two and a half years since we first touched on the subject of LDAP channel binding and LDAP signing.
Scott Blake
Oct 17, 20238 min read
Escalating to Domain Admin in Microsoft’s Cloud Hosted Active Directory (Azure AD Domain Services)
the attacker could compromise the Azure AD Domain Services domain and persist at the Domain Controller and/or domain level
Sean Metcalf
Sep 3, 20207 min read
The Art of the Honeypot Account: Making the Unusual Look Normal
I have had the idea for a post describing how to best create a honeypot (or honeytoken) account for many years.
Sean Metcalf
Aug 6, 202011 min read
Webcast: Securing Active Directory: Performing Your Own AD Security Review
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security.
Sean Metcalf
Jun 17, 20201 min read
Webcast: Securing Active Directory: Resolving Common Issues
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security.
Sean Metcalf
May 18, 20201 min read
There’s Something About Service Accounts
Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged.
Sean Metcalf
Mar 21, 20196 min read
bottom of page