Author Archives: ST

How to Find Stealthy Admins in Active Directory

Folks, As you may know, lately Active Directory Security seems to have been getting a lot of attention from traditional network security / hacking / cyber security folks (both on the good and the not-so-good side), many of whom may actually be new to the subject of Active Directory Security, and most of whom seem […]

How to Mitigate the Cyber Security Risk Posed by Sneaky Persistence in Active Directory

Folks, A few weeks ago, a presentation titled An ACE Up The Sleeve – Designing Active Directory DACL Backdoors at the Black Hat Conference 2017 (which we skipped) apparently made waves and caught the attention of the world, including that of Microsoft. In fact, it apparently intrigued Microsoft so much that its Advanced Threat Analytics […]

Time to Help Microsoft and the Entire World

Folks, As you know, today Microsoft’s Active Directory is the very foundation of IT and cyber security at 85% of all organizations worldwide, as well as at the foundation of most cyber security companies. The compromise of an organization’s foundational Active Directory could have colossal consequences for the organization, as well as for all its […]

A Letter to the President of the United States Regarding Cyber Security

Folks, Earlier today, I penned an open letter online to the President of the United States, Donald Trump, concerning Global and Cyber Security. In this letter, I succinctly communicated my thoughts on three primary subjects – The Top-5 Risks to Global Security, The Risk of the Decline of American leadership and the Cyber Risk. This letter […]

30 Days of Advanced Active Directory Security School for Microsoft

Folks, As you may know, to help Microsoft understand the subject better, I’ve been conducting Advanced Active Directory Security School for Microsoft at – The Active Directory Security Blog. Since we started school, we have received requests from around the world for there to be a single place where folks can easily find these entries, so this blog post […]

Time to Help Microsoft, and the World, Better Understand Active Directory Security

Folks, Today, the cyber security of every organization’s foundational Active Directory deployment is paramount to their security because Active Directory is the bedrock of organizational cyber security. Considering that 100% of all major recent cyber security breaches including Snowden, Target, JP Morgan, Sony, Anthem and the OPM data breach involved the compromise and misuse of […]

Active Directory Effective Permissions

Folks, Today, I would like to cover a paramount cyber security topic, one that is at the very heart, root and foundation of organizational cyber security worldwide – Active Directory Effective Permissions.   Before I share its technical and other salient aspects, I should mention that not a single organization in the world that today operates […]

Paramount Cyber Security Insight for Organizations Worldwide

Folks, Apologies for the delay. In light of recent global events (i.e. the U.S. Elections) which are believed to have been influenced by possibly the world’s biggest cyber security breach yet, I just wanted to let the dust settle prior to commencing sharing perspectives, since what we have to share concerns the foundational cyber security of both business […]

Its Time To Provide Thought Leadership to the Cyber Security Space

Folks, At Paramount Defenses, we’ve silently been at work for over a decade now (2006 – 2016), and we have uniquely  solved arguably the biggest cyber security challenge the world faces today. Having successfully done so, there’s much we have to share with the world, so in a few days to come, we will start sharing rare, […]