For a cyberattacker, every organization is a potential target. Attack frequency and degrees of severity vary with the attacker's skill level, the assets they want, choice of tactics, and the sophistication of their targets' defenses. With attacks constantly in the headlines, it's no wonder security teams might feel overwhelmed. But in reality, not all threats are equal. Not all threats are relevant to all organizations. And not all threats are known.
MITRE ATT&CK Framework - How Illusive Foils Attacker Decision-Making
Posted by
Matan Kubovsky on Nov 1, 2019 1:18:19 PM
Credentials in Active Directory : Bloodhound Barks But Lacks Bite
Posted by
Jason Silberman on Oct 8, 2019 4:51:28 PM
We’ve written a lot on this blog about the challenge of managing excess credentials in Active Directory and how much of a cybersecurity threat they potentially pose to organizations of all sizes. In this post, we’ll review the key drivers of that threat, and then examine two tools that can—at least partially—empower security teams to gain improved visibility into these credentials and increase cyber hygiene.