Security is just basic fundamentals. You don’t need to spend a bunch on magic products. You need an organized process for ensuring the basics are put in place and stay in place. Patch, good auth, restricted priv, app control. There are no shortcuts; it’s not as hard as you think.
This is a huge deal. Legacy hacking tools on legacy auth are responsible for the vast majority of attacks. Data point: account compromise rates in tenants who have disabled legacy auth are 67% lower than overall rates!
I talked about security engineers focusing on what they like. Same for SecOps. Red team and APT aren’t scared of your threat hunting, huge IOC collection, or your EDR. You are asymmetric. They are scared of patching, upgrading, MFA disabling, macros and PowerShell, app control.
During the next red team outbrief, ask them “if I did x, y, z basic hardening measure what would they do instead”. When you hear that long pause and a non-answer, go make that happen.
@epakskape and I do that after almost every Pwn2Own to plan. It works.
@dwizzzleMSFT
@SwiftOnSecurity
Don't even get me started. Human issues not tech issues. People get complacent and like new shiny toys.
The only killer app is a calendar with the monthly reminder "update system".
@dwizzzleMSFT
@SwiftOnSecurity
Sadly getting the basics right in a large company is THAT hard. Not cause of technology but bureaucracy and fragmentation.
@dwizzzleMSFT
Secure workstations, smartcards, user rights restrictions, some form of tiering (at least tier 0), LAPS, BitLocker, security baselines, firewalls, IPsec, protected users group for T0 admins. That's my 2c.
@dwizzzleMSFT
@SwiftOnSecurity
“We are spending so much time analyzing and reporting for ‘compliance’ that we don't have time to patch and configure security!”
@dwizzzleMSFT
I keep saying this: “80-90% of all incidents could have been avoided or the impact reduced by just doing the basics right (security hygiene) in the 1st place”. I also say “technology without the foundations in place; processes, procedures & training, is like building on quicksand”.