Search Results

Overview: In September of 2021, Trimarc Founder & CTO Sean Metcalf presented at Quest's The Experts Conference. "This presentation covers some attacks that involve Microsoft cloud on-prem components as well as those against the Microsoft cloud directly. After discussing attacks and specific defenses, I will wrap up with some key recommendations. Note: There will be some duplication among recommendations. That’s on purpose – if I mention something more than once, that means it’s really important!" You can download Sean's slides below. No registration required. Enjoy!

In September of 2023, Trimarc founder and CTO Sean Metcalf spoke at The Experts Conference in Atlanta, GA on common mistakes people make in their MS Identity security posture. Download the slides below, no registration required. Enjoy! Abstract: This presentation explores the current state of Microsoft identity security. Join Sean Metcalf in this talk where he discusses the types of Active Directory and Azure AD security issues Trimarc has seen in customer environments. He will also talk about the attacks these security issues enable and how to mitigate. Sean will also discuss hybrid cloud integration components and correlate how attackers are targeting and compromising environments across environments. Further explored are attacker trends in Active Directory and Azure AD, including some examples of modern attacks. The talk concludes with feasible recommendations on how best to protect against attack methods covered in this talk.

In October of 2022, Founder and CTO of Trimarc Security Sean Metcalf gave a talk The Experts Conference on defending the Identity Nexus. Abstract: As technology has evolved, so has the use of the different platforms – and inter-connecting these platforms to increase efficiencies. The challenge is that attackers leverage these connection points to gain access to data, escalate privileges, and persist. This session explores a typical corporate environment, its configuration and its weaknesses. The technology platforms explored include Active Directory, VMware vSphere, Azure AD, and Azure (IaaS, aka "cloud datacenter"). We will talk through common integration and configuration components, how attackers take advantage of these connections, and how to mitigate these attack techniques. The scenarios covered during this talk include how an attacker with "user" rights in one platform can leverage connection points and configured access to escalate privileges in another. Download the slides from Sean's talk below. No registration required. Keep up with Trimarc on all social media platforms: trimarcsecurity | Twitter, Instagram, Facebook, Twitch | Linktree