MSSpray: Wait, how many endpoints DON’T have MFA??
A Little Backstory As more companies move their infrastructure into the cloud, attackers are adapting their techniques to target these resources. One of the bigger changes is the...
Getting Specific with Ransomware Preparedness
Most industry ransomware guidance is focused on SMB protections for commodity malware that exploits low-hanging fruit via worming and trashing share drives and document folders....
Automated Detection Rule Analysis with Dredd
Offensive security moves at a breakneck pace and keeping up with new tools and TTPs (tactics, techniques, and procedures) can be an undertaking of its own for a security team....
Selective Kerberoast Prevention using DACLs
Kerberoasting is a rather in-vogue and effective attacker technique within Active Directory (AD) environments that was first popularized by Tim Medin in his 2014 talk “Attacking...
Impossible Travel
As physical offices have cleared out and VPNs and remote access solutions are maxing out, many IT security departments have a sudden new challenge: how to identify an attacker...
COVID-19: Staying Secure while Staying at Home
Large swathes of the workforce are navigating remote work for the first time as non-essential offices are mandated to close. While businesses quickly spin up the infrastructure...
Listen to the Cyber Kumite Podcast and Video Series
Each week we deliver new discussions about the cybersecurity industry, challenges, and best practices. CISOs and other security specialists join us to bring their insight on each topic.
Interested in what we do?
Explore our Advisory Services to learn how our team can help improve your cyber program.