• Featured

  • Posts

  • Videos

  • Presentations

  • More...

    Use tab to navigate through the menu items.
    Trimarc Security
    • All Posts
    • Active Directory
    • Office 365
    • Research
    • Azure Active Directory
    • VMWare
    • Webcasts and CONs
    • Transcripts
    • Enterprise Security
    Search
    Push Comes To Shove: exploring the attack surface of SCCM  Client Push Accounts
    Brandon Colley
    • 4 days ago
    • 7 min

    Push Comes To Shove: exploring the attack surface of SCCM Client Push Accounts

    Introduction Did you know that Microsoft System Center Configuration Manager (SCCM) has been around for 28 years? Currently known as...
    2,1490
    Webcast: Top 10 Ways to Improve Active Directory Security Quickly
    Trimarc Security Team
    • Jun 24
    • 2 min

    Webcast: Top 10 Ways to Improve Active Directory Security Quickly

    This Trimarc Webcast provides information about current AD attack methods attackers are leveraging to compromise Active Directory and 10 thi
    2,4810
    Implementing Controls in Active Directory: Protecting Against Privileged Credential Sprawl
    Scott Blake
    • Nov 19, 2021
    • 8 min

    Implementing Controls in Active Directory: Protecting Against Privileged Credential Sprawl

    Protecting Against Privileged Credential Sprawl. Highly privileged accounts are often used to perform tasks on systems.
    6,8300
    LDAP Channel Binding and Signing
    Scott Blake
    • Jan 22, 2021
    • 6 min

    LDAP Channel Binding and Signing

    The initial fuss around Microsoft “forcing” customers into LDAP channel binding and LDAP signing (January 2020, March 2020, second half...
    3,9270
    Sean Metcalf
    • Dec 10, 2020
    • 14 min

    Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory

    Introduction & Attack Overview Jake Karnes (@jakekarnes42) with NetSPI published 3 articles (that’s right 3!) describing a new attack...
    2,8280
    Scott Blake
    • Oct 28, 2020
    • 5 min

    Securing Microsoft Azure AD Connect

    With more and more organizations moving to the cloud, specifically Azure Active Directory/Microsoft 365 (formerly Office 365), Trimarc...
    4,4440
    Sean Metcalf
    • Sep 3, 2020
    • 6 min

    Escalating to Domain Admin in Microsoft’s Cloud Hosted Active Directory (Azure AD Domain Services)

    the attacker could compromise the Azure AD Domain Services domain and persist at the Domain Controller and/or domain level
    2,0350
    The Art of the Honeypot Account: Making the Unusual Look Normal
    Sean Metcalf
    • Aug 6, 2020
    • 10 min

    The Art of the Honeypot Account: Making the Unusual Look Normal

    I have had the idea for a post describing how to best create a honeypot (or honeytoken) account for many years and only recently gained...
    8,2570
    Webcast: Securing Active Directory: Protecting AD Administration
    Trimarc Security Team
    • Jul 17, 2020
    • 1 min

    Webcast: Securing Active Directory: Protecting AD Administration

    Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers common issues with AD administration, how...
    3,4100
    Scott Blake
    • Jul 14, 2020
    • 7 min

    Trimarc’s Take: 12 Steps for Better Password Management

    Passwords, while serving a crucial role in identity, have unfortunately morphed into the dreaded necessary evil territory. This is easily...
    1,0800
    Sean Metcalf
    • Jun 23, 2020
    • 14 min

    Securing Active Directory: Performing an Active Directory Security Review

    During the Trimarc Webcast on June 17, 2020, Sean Metcalf covered a number of Active Directory (AD) components and areas that should be...
    29,6470
    Webcast: Securing Active Directory: Performing Your Own AD Security Review
    Trimarc Security Team
    • Jun 17, 2020
    • 1 min

    Webcast: Securing Active Directory: Performing Your Own AD Security Review

    Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...
    4,5250
    Sean Metcalf
    • May 27, 2020
    • 8 min

    From Azure AD to Active Directory (via Azure) – An Unanticipated Attack Path

    While Azure leverages Azure Active Directory for some things, Azure AD roles don’t directly affect Azure (or Azure RBAC) typically. This...
    5480
    Webcast: Securing Active Directory: Resolving Common Issues
    -
    • May 18, 2020
    • 1 min

    Webcast: Securing Active Directory: Resolving Common Issues

    Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...
    1,9580
    -
    • May 15, 2020
    • 1 min

    Webcast: Quest TEC Talk Office 365 & Azure Active Directory 10 Security Actions to Take Now

    Slides and Video Available! From the Quest TEC Talk Series. Trimarc founder Sean Metcalf, Microsoft Certified Master, on the 10 security...
    670
    Sean Metcalf
    • Mar 21, 2019
    • 6 min

    There’s Something About Service Accounts

    Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost...
    3340
    -
    • Feb 12, 2019
    • 7 min

    Mitigating Exchange Permission Paths to Domain Admins in Active Directory

    A blog post was published by Dirk-jan Mollema titled "Abusing Exchange: One API call away from Domain Admin " (https://dirkjanm.io/abusin...
    5330
    -
    • Nov 22, 2017
    • 28 min

    Transcript BSidesCharm Detecting the Elusive: Active Directory Threat Hunting

    “Detecting the Elusive: Active Directory Threat Hunting” Sean Metcalf, Trimarc CTO BSides Charm (Baltimore, MD) April 2017 Transcript...
    1030
    Sean Metcalf
    • Feb 17, 2017
    • 13 min

    Trimarc Research: Detecting Kerberoasting Activity

    Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without...
    1,8630
    Sean Metcalf
    • Feb 10, 2017
    • 4 min

    Trimarc Research: Detecting Password Spraying with Security Event Auditing

    A common method attackers leverage as well as many penetration testers and Red Teamers is called "password spraying". Password spraying...
    2,2600
    Subscribe for Updates
    • Twitter
    • YouTube
    Contact Us