IT Security | May 14, 2020 | Email, security, and breaches | Email-based attacks can take many forms, and are typically deployed by cybercriminals in...
IT Security | April 23, 2020 | Hardening Windows security: How to secure your organization—Part 3 | This is the final blog of our three-part blog series on living-off-the-land (LOTL) attacks...
IT Security | April 22, 2020 | Breaking down the San Francisco airport hack | On April 7, 2020, the San Francisco International Airport (SFO) released a notice...
IT Security | April 16, 2020 | Hardening Windows security: How to secure your organization—Part 2 | We're back with part two of our three-part blog series on living-off-the-land attacks. If...
Security Information and Event Management | April 9, 2020 | Hardening Windows security: How to secure your organization—Part 1 | The cybersecurity threat landscape is quickly changing. Administrators have become more...
IT Security | April 8, 2020 | IT security and risk: 10 must-audit events in hybrid Active Directory that can lead to a breach [Slide deck] | The definition of an “attack” is changing. The level of complexity and technical expertise...
Identity and access management | December 19, 2018 | Monitoring users for unusual file activity | As we discussed in a previous blog, the user behavior analytics (UBA) engine of ADAudit...
Identity and access management | November 29, 2018 | Monitoring Active Directory and Windows computers to detect attacks [Webinar] | If organizations and administrators can be alerted when they're under attack, then they...
Identity and access management | November 1, 2018 | Secure workstations by monitoring and alerting on membership changes in the local Administrators group, Part 2 | In Part 1, we touched on how routine monitoring of object life cycle changes in the local...
Identity and access management | November 24, 2016 | Workflow allows for automation verification and correctness | Workflow allows for multiple roles/responsibilities to be involved in a process which is...
Identity and access management | January 7, 2016 | Windows Active Directory security hardening: Honeypot #1 | To catch an attack and an attacker, both the administrator and the organization need to be...
Identity and access management | July 2, 2015 | Tracking “Admin” Logon Failures Down to the IP Address | Privileged access attacks are at an all-time high. In many cases, the attacks are not...