🏋️‍♂️The cybersecurity equivalent of doing half reps at the gym is implementing security controls just enough to say they exist but not enough for them to be effective. Examples:.- MFA on some accounts, but not all.- EDR installed, but not monitored.- Weak passwords allowed,.

RT @PyroTek3: From a recent Active Directory Security Assessment (ADSA) I did:. * AD admin accounts with passwords older than 5 years (like….

Block RMMs, sleep better at night. What could be easier than that?.

Yeah!.

My boss scared me the other day…. He said he’s seeing more and more orgs get rid of AD. There are pros and cons to both directions of course and it highly depends on the business…. but I don’t believe any one is inherently better.

RT @DarthMaulware:

Instead of giving Domain Users FullControl over file shares, create security groups for specific groups of users for specific permissions, for example:. ActPdriveRW - Accounting, p-drive (finance share), read-write access. On the file share, grant read/write access for this.

Lets goooo

😂😂😂.

Internal pentest findings that shouldn't exist in 2025. - credentials on file shares/sharepoint/dms.- local admin password reuse.- kerberoastable domain admins.- ADCS Misconfigs.- spooler running on DCs.- lack of powershell restrictions.- EDR missing on hosts.

EDR is great… but it can't go everywhere. It can’t be disguised as private messages in Slack.It can’t plant documents in Teams.It can’t be installed on ICS. Deception can go where traditional endpoint security cannot. .

RT @jamieantisocial: this part.

So much of researching & troubleshooting is just being patient enough to read long answers on reddit and stack overflow or I guess now days a bunch of AI responses. and being able to detect the bs and wade through it to find the "truth" or the answer or whatever the heck it is.

Detecting patterns is equally as important as detecting payloads.

RT @gossy_84: The ROI of deception technology is often overlooked, especially when you factor in the costs of alert fatigue and the high-sk….

Some people may find it strange to hear that I like to use ADExplorer during internal pentests. I use it for a few (non-exhaustive) reasons:. 1. It's an efficient way to browse AD without AD powershell cmdlets.2. I can right click and browse permissions on users, computers, OUs,.

dude is incredible, halo holds a special place in my childhood and my heart, this is so awesome hah.

😂😂😂😂.

Failure is the best teacher. Lean into things that scare you, that are new, that you're not comfortable with. Get over yourself in thinking anyone cares about your losses/failures. People have their own lives their own stuff going on to care.

When you’ve been sold a hammer (EDR) everything looks like a nail….

Not a silver bullet.Not what you do first if your env is in shambles.Not going to “block” attacks. Agreed. 100%. But we say the same things about other security products. Edr and deception serve different purposes and therefore have different capabilities . But….Deception.