2022 PCI Community Reflections and Why You Should Be Thinking about JavaScript Integrity Checking
TLDR: The 2022 PCI Community was in person for the first time in three years. Every few years a new risk theme develops as threats change and evolve, and this year was no...
The Road to Benchmarked MITRE ATT&CK Alignment: Defense Success Metrics
TL;DR You can describe the progress of your cybersecurity program in a single, threat-driven metric: the Defense Success Metric. This metric is born from prioritized MITRE...
Threat Intelligence Requirements
Establishing Threat Intelligence Requirements should be one of the first things organizations do when starting a Cyber Threat Intelligence (CTI) program. Requirements provide goals and objectives for CTI teams that, when met, equip stakeholders with the required knowledge that will enable teams to better protect and defend the organization.
Operationalizing ShotHound to Enhance Active Directory Resilience
It’s not just about Ransomware In 2022, it’s difficult not to grasp the severe and pervasive nature of ransomware. With malicious emails up 600% in 2021 due to the pandemic and...
Security Best Practices Amid Geopolitical Crisis
During times of geopolitical conflict, it can be easy to direct your attention to the trending “IOC’s of the day” and many media outlets will take advantage of the crisis to feed...
LetItGo: A Case Study in Expired Domains and Azure AD
By identifying and purchasing an expired domain tied to an existing Azure AD organization, an anonymous attacker can use PowerBI or PowerAutomate to create an account and gain access to that organization’s tenant, including resources shared within that tenant (e.g., OneDrive, SharePoint, etc.). The attacker is effectively a “domain user” in that tenant. SRA created a tool called LetItGo that queries an organizations’ domain listing and returning any domains that are expired.
Listen to the Cyber Kumite Podcast and Video Series
Each week we deliver new discussions about the cybersecurity industry, challenges, and best practices. CISOs and other security specialists join us to bring their insight on each topic.
Interested in what we do?
Explore our Advisory Services to learn how our team can help improve your cyber program.