Another Look At Active Directory Security

By Carl L Active Directory is the backbone of most organizations, and compromising this tool is the Holy Grail for most attackers. Any organization that has been around for a while has likely been through many iterations of Active Directory. Over the years they may have seen hundreds or thousands of different recommendations, upgrades, [...]

Another Look At Active Directory Security2022-01-18T16:59:11+00:00

Azure AD Default Configuration Blunders

By: Carl L Following the release of two recent blogs regarding Microsoft’s Azure Active Directory default configurations, we began digging a little further into the access an unprivileged user has inside any tenant running any of the default settings in their tenant. What we’ve found is that the Default Enabled settings allow any unprivileged, authenticated user [...]

Azure AD Default Configuration Blunders2021-10-25T13:19:04+00:00

Soteria 365 Inspect

Open-Source, Automated Microsoft 365 Security Assessment: Announcing Soteria 365 Inspect   Try it for yourself here: https://github.com/soteria-security/365Inspect Although infrastructure deployment technologies like Amazon Web Services and Microsoft Azure steal the headlines, the shift of business productivity tools to the cloud was just as rapid. For many, that need is served by Office 365, [...]

Soteria 365 Inspect2021-04-30T00:24:01+00:00

AWS Multi-Account Management

The Challenge of Multi-Account Management in Amazon Web Services (AWS) By Anthony Baio AWS provides organizations with a powerful capability to build and scale with minimal overhead. An often-overlooked consideration when standing up these environments is developing a scalable way to securely manage identities and user access. Addressing this challenge early on will [...]

AWS Multi-Account Management2021-03-17T14:28:54+00:00
Go to Top