Limiting WMI Lateral Movement via DCOM Permissions
If you are looking for a way to curb WMI-based lateral movement – and especially if you do not want a dependency on another control, such as a firewall – DCOM permissions may prove to be a useful method that works with traditional configuration management.
Purple Team PSA: Disable Device Code Flow
Microsoft refers to device code flow as ‘high-risk’ and even “recommends blocking/restricting device code flow wherever possible”. Why? Because it might be leaving your organization vulnerable to one of the most persuasive and impactful social engineering attacks I’ve seen in my career – device code phishing.
Efficiently Managing Hundreds of Purple Teams
In 2024, Security Risk Advisors delivered over 170 Purple Teams to our clients. To support the technical execution of our Purple Teams, we use strong project management techniques that make high-volume service delivery not only efficient but also quite manageable.
Get Off the Neverending AI Treadmill and Secure Your Organization
This blog explores why enterprises should resist the urge to chase the latest LLMs and instead focus on securing AI adoption through cloud-based platforms like Azure, AWS, and Google Cloud. Learn how strategic AI implementation can align security, IT, and innovation for long-term success.
AI vs. AI: Red Teaming with PyRIT
This article showcases how open source tools can use AI LLMs to attack other AI LLMs in order to identify security vulnerabilities.
Entra ID to the Rescue: Streamlining Identity Access Reviews with a Dash of Governance
The blog highlights the challenges of managing identity access reviews in complex environments and emphasizes the benefits of using automated tools like Microsoft’s Identity Governance to streamline these processes. Security Risk Advisors (SRA) offers custom solutions to help organizations implement and report on access review results, enhancing compliance and efficiency.
Security Risk Advisors Earns Microsoft Solutions Partner Designation for Infrastructure (Azure)
We are excited to share that Security Risk Advisors (SRA) has achieved the Microsoft Solutions Partner designation for Infrastructure (Azure)! This recognition reflects our proven expertise in accelerating clients' migration of critical infrastructure workloads to...
Building Practical Resilience: The Table-Top Exercise (TTX) Execution Playbook
This playbook on facilitating an effective TTX can help lead you to success. Whether you run them yourselves on call or have an external organization like SRA to help facilitate, they should stoke conversations that lead to meaningful improvement, role clarity, and help make a real incident a little less painful.
How SRA’s Partnership with the Microsoft Intelligent Security Association (MISA) Will Benefit Its Clients
Being part of MISA allows us to influence the future of Microsoft Security solutions and ensures that our clients benefit from the latest advancements in cybersecurity. Our clients can feel confident knowing that we are at the forefront of cybersecurity innovation, working closely with Microsoft to develop and deliver the best security solutions.
PRESS RELEASE: Security Risk Advisors joins the Microsoft Intelligent Security Association
FOR IMMEDIATE RELEASE PHILADELPHIA, Pennsylvania, USA — January 7, 2025 — Security Risk Advisors today announced it has become a member of the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISVs) and managed security...
SecureWorld: Building a Mobile App Security Risk Management Program
Unveil mobile app security management strategies with our INGDirect case study on risk programs for app infrastructure.
Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 5 of 5)
Protect against clear text protocol risks by switching to encrypted alternatives like SSHv3 and HTTPS, and monitor with IDS/IPS.
Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 4 of 5)
Protect against clear text protocol risks by switching to encrypted alternatives like SSHv3 and HTTPS, and monitor with IDS/IPS.
Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 3 of 5)
Protect against clear text protocol risks by switching to encrypted alternatives like SSHv3 and HTTPS, and monitor with IDS/IPS.
Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 2 of 5)
Protect against clear text protocol risks by switching to encrypted alternatives like SSHv3 and HTTPS, and monitor with IDS/IPS.
Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 1 of 5)
Protect against clear text protocol risks by switching to encrypted alternatives like SSHv3 and HTTPS, and monitor with IDS/IPS.
Impossible Travel
As physical offices have cleared out and VPNs and remote access solutions are maxing out, many IT security departments have a sudden new challenge: how to identify an attacker with all this new noise at the border? It was hard enough finding an attacker coming into...
COVID-19: Staying Secure while Staying at Home
Large swathes of the workforce are navigating remote work for the first time as non-essential offices are mandated to close. While businesses quickly spin up the infrastructure to support their remote workers, cybercriminals are attempting to take advantage by...
Domain Monitoring, Fast and Cheap
If you’ve ever tried to visit a website and mistyped the URL, it’s possible you’ve encountered a typosquatting domain. Typosquatting, formally defined, is a technique used by malicious actors where they register domain names that appear similar to legitimate...
PDBlaster: Making Bread from Attacker Breadcrumbs
Malware developers often leave unintentional hints about their development practices, goals, and identities in the executables they publish. These breadcrumbs can appear in a variety of locations ranging from the code they use (or reuse) to the metadata...
Closing the IoT Blind Spot
In many organizations, some of the most critical IT assets consist of specialized equipment which resides on a manufacturing floor or within research and development labs, industrial control systems, or medical devices. These devices have a direct impact on...
Why Red? Why Purple? A NIST CSF View
Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect...
The Perniciousness of Emotet and Banking Trojans
Guard against Emotet, the banking trojan that steals data and credentials. Learn how to protect your organization from such cyberattacks.
Updated Results from the MITRE ATT&CK Endpoint Detection and Response Evaluation
Explore MITRE’s EDR tool evaluations for APT3 threat detection, featuring top performers like CrowdStrike and new entrants FireEye and Cybereason. Detailed results at SRA.
Purple Teams and Threat Resilience Metrics
This article covers how a Purple Team process done correctly can: be documented and organized using the free VECTR.io platform (https://vectr.io) and align to MITRE ATT&CK; generate quantitative success defense metrics more meaningful than existing hygiene and...
TALR: Automating the Sharing of Detection Logic
Discover TALR, the open source repository automating SIEM rule sharing for enhanced threat detection, introduced at SANS conference.
Browse our Webinars
Access these virtual events on-demand and get valuable insight from our thought leaders and subject matter experts.
Get Curated Security News and Critical Vulnerability Reports
Our Threat Intelligence Gathering & Research (TIGR) team is focused on threat intelligence and curates a daily intelligence report, TIGR Threat Watch, with information collected from several industry intel sources. We also create and publish ad-hoc critical vulnerability notifications in case of critical and time-sensitive vulnerabilities or threats.




