Infosec Practitioner
Warning: I will be dropping company names in this article based on items I use or have used. These are meant as examples only from personal experience. We live in a world where we do not have enough eyes on things, we suffer from burnout, work long hours, and generally are banging our heads against…
Read More “EcoSystems, or Why the Security Tools Industry is making us less secure” »
Have you every had a pentest or red team report that talks about DCSync? How much of it has been hair pulling? What is DCSync and what is the significance of it? When securing Active Directory, there are a ton of moving parts, and even more rights available, especially when you add in extended rights….
So many security controls. So much noise. It is a wonder we find anything at all relevant. The amount of time spent going through log after log is amazing. Even with SIEMs, dashboards, machine learning and “AI” there is still a ton of logs to go through. Yes we can whittle away once we know…