Author Archives: ST

Its Time to Help Safeguard Organizatonal Cyber Security Worldwide (i.e. protect Microsoft’s Global Ecosystem)

Folks, Hello. I hope this finds you doing well. Relative to 2017, I know we’ve been quiet for a bit, because, behind the scenes, we’ve been very busy helping protect foundational cyber security worldwide.   Its 2018, i.e. 18 years since Microsoft shipped Active Directory, yet most organizations worldwide don’t even have the means to adequately […]

How to Find Stealthy Admins in Active Directory

Folks, As you may know, lately Active Directory Security seems to have been getting a lot of attention from traditional network security / hacking / cyber security folks (both on the good and the not-so-good side), many of whom may actually be new to the subject of Active Directory Security, and most of whom seem […]

How to Mitigate the Cyber Security Risk Posed by Sneaky Persistence in Active Directory

Folks, A few weeks ago, a presentation titled An ACE Up The Sleeve – Designing Active Directory DACL Backdoors at the Black Hat Conference 2017 (which we skipped) apparently made waves and caught the attention of the world, including that of Microsoft. In fact, it apparently intrigued Microsoft so much that its Advanced Threat Analytics […]

Time to Help Microsoft and the Entire World

Folks, As you know, today Microsoft’s Active Directory is the very foundation of IT and cyber security at 85% of all organizations worldwide, as well as at the foundation of most cyber security companies. The compromise of an organization’s foundational Active Directory could have colossal consequences for the organization, as well as for all its […]

A Letter to the President of the United States Regarding Cyber Security

Folks, Earlier today, I penned an open letter online to the President of the United States, Donald Trump, concerning Global and Cyber Security. In this letter, I succinctly communicated my thoughts on three primary subjects – The Top-5 Risks to Global Security, The Risk of the Decline of American leadership and the Cyber Risk. This letter […]

30 Days of Advanced Active Directory Security School for Microsoft

Folks, As you may know, to help Microsoft understand the subject better, I’ve been conducting Advanced Active Directory Security School for Microsoft at – The Active Directory Security Blog. Since we started school, we have received requests from around the world for there to be a single place where folks can easily find these entries, so this blog post […]

Time to Help Microsoft, and the World, Better Understand Active Directory Security

Folks, Today, the cyber security of every organization’s foundational Active Directory deployment is paramount to their security because Active Directory is the bedrock of organizational cyber security. Considering that 100% of all major recent cyber security breaches including Snowden, Target, JP Morgan, Sony, Anthem and the OPM data breach involved the compromise and misuse of […]

Active Directory Effective Permissions

Folks, Today, I would like to cover a paramount cyber security topic, one that is at the very heart, root and foundation of organizational cyber security worldwide – Active Directory Effective Permissions.   Before I share its technical and other salient aspects, I should mention that not a single organization in the world that today operates […]