Today's episode is the thrilling, exciting, heart-pounding conclusion of Tales of Internal Pentest Pwnage - Part 1. In this episode, we cover the final "wins" that got me to Domain Admin status (and beyond!): Got DA but can't get to your final "crown jewels" destinations? How »
Buckle up! This is one of my favorite episodes. Today I'm kicking off a two-part series that walks you through a narrative of a recent internal pentest I worked on. I was able to get to Domain Admin status and see the "crown jewels" data, so I thought »
I recently had the awesome opportunity to take the awesome Real World Red Team course put on by Peter Kim, author of The Hacker Playbook series. TLDR and TLDL (too long don't listen): go take this training. Please. Now. The end. :-) If you want to hear more, check out »
Today's episode is brought to you by NoteCast. Try it free for 60 days (no credit card required) and enter code 7MS when completing your signup. In today's episode, I talk about how the level of Windows server/client logging out of the box is...not really awesome. I then »
Today's featured interview is with Lewie Wilkinson, senior integration engineer at Pondurance. Pondurance helps customers improve their security posture by providing a managed threat hunting and response solution, including a 24/7 SOC. Lewie joined me via Skype to talk a lot about a topic I'm fascinated with: incident response! »
Today's featured interview is with Ameesh Divatia, cofounder and CEO at Baffle. Baffle offers an interesting approach to data protection that they call data-centric protection, and the idea is you need to protect information at the record level, not just the sort of traditional approach of "encrypt at rest& »
Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password guidelines, and is the only enterprise solution to protect »
Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password guidelines, and is the only enterprise solution to protect »
WARNING: Today's episode is a bit of an experiment, and I hope you'll hang in there with me for it. I had the opportunity to do a week-long red team engagement, and so I recorded a little summary of the experience at the end of each day, and then pasted »
Coming up on Tuesday, January 22 I'll be doing a Webinar with Netwrix called 4 Ways Your Organization Can Be Hacked. It features a Billy Madison theme and pits evil Eric Gordon against sysadmin Billy Madison. Hope you'll join us - it'll be fun! Today I'm pleased to welcome Amber »
I'd like to coordially invite you to the first-ever 7MS User Group meeting, coming up Monday, January 14th at 6 p.m.! You can attend physically, virtually or both! All the info you need is below...see you there! »
