Limiting Domain Controller Attack Surface: Why less services, less software, less agents = less exposure.
top of page
Search
This article is a guide to making the best-informed decisions by companies asking the right questions.
Jake Hildreth
Aug 281 min read
Tutorial - Throwing Windows Through an Apple. - Virtualizing Windows Server 2025 on Apple Silicon
This is where some people will try to dazzle and impress you with pontification and prose. I’m not those people.
223
Darryl Baker
Jul 167 min read
Securing The Chink in Kerberos’ Armor, FAST! Understanding The Need For Kerberos Armoring
35 years after the first public version of Kerberos, attacks on it are still coming fast and furious. Time to armor up.
2,952
Sean Metcalf
Jul 14 min read
Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)
Editor's Note: Nearly a decade ago, Sean Metcalf made this post on ADSecurity.org and we're reposting it here in its original form because,
1,526
Sean Metcalf
Jun 51 min read
BSides Dublin - The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations
We have an Identity problem and not the kind you think of when you look in the mirror. Attacks have shifted from the perimeter to the...
665
Brandon Colley
Jun 57 min read
Demystifying Privileged Identity Management - Part 1
This article series attempts to dissect the terms we throw around when talking about PIM.
1,274
Sean Metcalf
May 201 min read
The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations - BSides Dublin 2024
"We have an Identity problem and not the kind you think of when you look in the mirror. Attacks have shifted from the perimeter to the...
206
Danny Akacki
Apr 232 min read
BSides Charm - 2024
Trimarc CTO Sean Metcalf and Active Directory Security Assessment Lead Jake Hildreth presented at the 2024 BSides Charm. Their slides are...
761
Jake Hildreth
Mar 113 min read
Nesting Is For The Birds: The Problem with Nested Groups
Discussing a common High Priority issue: excessive membership in AD Admin groups due to Nested Groups.
1,104
Danny Akacki
Jan 317 min read
Trimarc January Newsletter
Happy New Year, Trimarc Subscribers! We realize the time normal people say that was about 2.5 weeks ago but, in our defense, it’s cold in...
139
Brandon Colley
Nov 16, 202314 min read
Once Upon a Console: vCenter Console Coercion
The best way to combat creative attackers is to become more creative ourselves.
211
bottom of page