Spending time with customers in Texas last week left me speechless – literally. One customer asked me a question for which I was not prepared. They have been following our Active Directory attack blog series. They found it very interesting, but they had one major question. Why should they spend so much time thinking about what attackers do? If they spend all your time creating good security programs and practices, isn’t that the best they can do? I have been taking the value of the work we have done exposing attacks for granted. But had I been mistaking “cool” for “valuable” this whole time? The conversation that followed brought out some interesting points, and I thought I would share it with all of you.
For me, this is a philosophical truth right out of Sun Tzu’s Art of War – know your enemy. Of course, quoting philosophy books isn’t a good way to get budget approved in many organizations. So the challenge here is to articulate exactly why this was true. Talking it through, this IT Director and I came up with three (3) good reasons why knowing how bad guys attack makes business sense:
If you have not been reading the Active Directory attack series, then you should start immediately (Or maybe you’ll want to finish this to understand the value and then go off and read them.) So far, we’ve written up attacks on your core Active Directory platform, service accounts, permissions in Active Directory, and we’ve just started a series on how attackers use Mimikatz to steal credentials. In all these blogs, you will learn the methods of the bad guys from reconnaissance through persistence to data exfiltration. If you have never looked at how easy the bad guys have it and how many tools are out there to help them, it may be pretty scary. More than simply being scared, though, we hope that these will help you improve your security program’s impact and value.
To register for the Active Directory attack webinar, How Attackers Are Stealing Your Credentials with Mimikatz, please click here.
Jonathan Sander is STEALTHbits’ Chief Technology Officer (CTO). As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets, and he will also lead corporate development efforts. Jonathan also plays the role of evangelist at STEALTHbits venues large and small. Prior to STEALTHbits, Jonathan was VP of Product Strategy for Lieberman Software.
As part of Quest Software from 1999 through 2013, he worked with the security and ITSM portfolios. He helped launch Quest’s IAM solutions, directing all business development and product strategy efforts. Previous to that, Mr. Sander was a consultant at Platinum Technology focusing on the security, access control and SSO solutions. He graduated from Fordham University with a degree in Philosophy.
Proper data security begins with a strong foundation. Find out what you're standing on with a free deep-dive into the security of your Structured and Unstructured Data, Active Directory, and Windows infrastructure.
Read more© 2022 Stealthbits Technologies, Inc.
Leave a Reply