Protecting Against Privileged Credential Sprawl. Highly privileged accounts are often used to perform tasks on systems.

The initial fuss around Microsoft “forcing” customers into LDAP channel binding and LDAP signing (January 2020, March 2020, second half...

Introduction & Attack Overview Jake Karnes (@jakekarnes42) with NetSPI published 3 articles (that’s right 3!) describing a new attack...

With more and more organizations moving to the cloud, specifically Azure Active Directory/Microsoft 365 (formerly Office 365), Trimarc...

the attacker could compromise the Azure AD Domain Services domain and persist at the Domain Controller and/or domain level

I have had the idea for a post describing how to best create a honeypot (or honeytoken) account for many years and only recently gained...

Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers common issues with AD administration, how...

Passwords, while serving a crucial role in identity, have unfortunately morphed into the dreaded necessary evil territory. This is easily...

During the Trimarc Webcast on June 17, 2020, Sean Metcalf covered a number of Active Directory (AD) components and areas that should be...

Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...

While Azure leverages Azure Active Directory for some things, Azure AD roles don’t directly affect Azure (or Azure RBAC) typically. This...

Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...

Slides and Video Available! From the Quest TEC Talk Series. Trimarc founder Sean Metcalf, Microsoft Certified Master, on the 10 security...

Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost...

Recently a blog post was published by Dirk-jan Mollema titled "Abusing Exchange: One API call away from Domain Admin "...

“Detecting the Elusive: Active Directory Threat Hunting” Sean Metcalf, Trimarc CTO BSides Charm (Baltimore, MD) April 2017 Transcript...

Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without...

A common method attackers leverage as well as many penetration testers and Red Teamers is called "password spraying". Password spraying...