Pen Testing Active Directory

You may have been following our series of posts on pen testing Active Directory environments and learned about the awesome powers of PowerView. No doubt you were wowed by our cliffhanger ending — spoiler alert — where we applied graph theory to find the derivative admin!

We know from the many emails we received that you demanded a better ‘long-form’ content experience. After all, who’d want to read about finding hackable vulnerabilities using Active Directory while being forced to click six-times to access the entire series?

Thanks to the miracle of PDF technology, we’ve compressed the entire series into an easy-to-ready, comfy ebook format. Best of all, you can scroll through the entire contents without having to touch messy hyperlinks.

Get The Ebook Now
Or check it all out online, here.
Data Security

SIEM Tools: Varonis Is the Solution That Makes the Most of Your SIEM

SIEM applications are an important part of the data security ecosystem: they aggregate data from multiple systems, normalize that data, then analyze that data to catch abnormal behavior or data security attacks. SIEM provides a central place to collect events and alerts – so that you can initiate a security investigation. But what then? The biggest issue we hear from customers when they use SIEM is that it’s extremely difficult to diagnose and research security…
Data Security

The Difference Between IAM’s User Provisioning and Data Access Management

Identity and access management (IAM)’s user provisioning and data security’s data access management both manage access. But provisioning is not a substitute, nor is it a replacement for data access management. The nuances between the two are enough to put the two in distinct categories. Both are important and knowing the difference between the two will help you figure out the right tool for the job. What is User Provisioning? User provisioning is the creation…
Data Security

[Podcast] Manifesting Chaos or a Security Risk?

Regular listeners of the Inside Out Security podcast know that our panelists can’t agree on much. Well, when bold allegations that IT is the most problematic department in an organization can be, ahem, controversial. But whether you love or hate IT, we can’t deny that technology has made significant contributions to our lives. For instance, grocery stores are now using a system, order-to-shelf, to reduce food waste. There are apps to help drivers find alternate…
IT Pros

Adventures in Malware-Free Hacking, Part II

I’m a fan of the Hybrid Analysis site. It’s kind of a malware zoo where you can safely observe dangerous specimens captured in the wild without getting mauled. The HA team runs the malware in safe sandboxes and records systems calls, file created, and internet traffic, displaying the results for each malware sample. So you don’t have to necessarily spend time puzzling over or even, gulp, running the heavily obfuscated code to understand the hackers’…
Data Security

[Podcast] The Security of Legacy Systems

It’s our first show of 2018 and we kicked off the show with predictions that could potentially drive headline news. By doing so, we’re figuring out different ways to prepare and prevent future cybersecurity attacks. What’s notable is that IBM set up a cybersecurity lab, where organizations can experience what it’s like go through a cyberattack without any risk to their existing production system. This is extremely helpful for companies with legacy systems that might…
Data Security

The Difference Between Data Governance and IT Governance

Lately, we’ve been so focused on data governance, extracting the most value from our data and preventing the next big breach, many of us have overlooked IT governance fundamentals, which help us achieve great data governance. The source of some of the confusion is that data and IT governance have very similar and interdependent goals. Broadly speaking, both processes aim to optimize the organization’s assets to generate greater business value for the organization. Since IT…
Data Security, Varonis News

Introducing Varonis Data Security Platform 6.4.100: Varonis Edge, GDPR Thre...

It’s the beginning of a new year, and we have a huge new beta release to share with you.  The beta release of the Varonis Data Security Platform 6.4.100 dropped earlier this month, and I wanted to share a few highlights: Varonis Edge We announced Varonis Edge back in November, and we’re excited for you to try it.  After over a decade of protecting core data stores, we’re extending that same data security approach to…
Data Security

Add Varonis to IAM for Better Access Governance

Managing permissions is a colossal job fraught with peril, and over-permissive folders are the bane of InfoSec and a hacker’s delight. Many organizations employ IAM (Identity Access Management) to help manage and govern access to applications and other corporate resources. One of the challenges that remains after implementing an IAM solution, however, is how to apply its principles to unstructured data. IAM may be able to help you manage group memberships in Active Directory, but…
Data Security

Adventures in Malware-Free Hacking, Part I

When I first started looking into the topic of hackers living off the land by using available tools and software on the victim’s computer, little did I suspect that it would become a major attack trend. It’s now the subject of scary tech headlines, and security pros are saying it’s on the rise. It seems like a good time for a multi-part IOS blog series on this subject. Known also as file-less or zero-footprint attacks, malware-free…
Data Security

How to use PowerShell Objects and Data Piping

This article is a text version of a lesson from our PowerShell and Active Directory Essentials video course (use code ‘blog’ for free access). The course has proven to be really popular as it walks you through creating a full Active Directory management utility from first principles. What makes a PowerShell Object? If there’s one thing you fundamental difference between PowerShell and other scripting languages that have come before, it’s PowerShell’s default use of Objects…
Data Security

Our Most Underappreciated Blog Posts of 2017

Another year, another 1293 data breaches involving over 174 million records. According to our friends at the Identity Theft Resource Center, 2017 has made history by breaking 2016’s record breaking 1091 breaches. Obviously it’s been a year that many who directly defend corporate and government systems will want to forget. Before we completely wipe 2017 from our memory banks, I decided to take one last look at the previous 12 months worth of IOS posts.  While…
Data Security

How To Get Started with PowerShell and Active Directory Scripting

Build a Full PowerShell Utility This article is a text version of a lesson from our PowerShell and Active Directory Essentials video course (use code ‘blog’ for free access). The course has proven to be really popular as it walks you through creating a full Active Directory management utility from first principles. Coding With PowerShell It can be hard to get started with PowerShell, especially if over the years you’ve become accustomed to working with…