Trimarc
@trimarcsecurity.com
We are the experts in Active Directory, Microsoft Cloud, and Identity security. Since our inception over a decade ago, we have provided professional services and a product-based SaaS solution focused on both on-prem and cloud Active Directory security.
Join us in 30 minutes for a REstream of our previous Happy Hour episode:
11 am PT / 2 pm ET
💥 Hacking Demystified, featuring Dave Kennedy
It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at www.twitch.tv/TrimarcSecur...
11 am PT / 2 pm ET
💥 Hacking Demystified, featuring Dave Kennedy
It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at www.twitch.tv/TrimarcSecur...
January 10, 2025 at 6:33 PM
Join us in 30 minutes for a REstream of our previous Happy Hour episode:
11 am PT / 2 pm ET
💥 Hacking Demystified, featuring Dave Kennedy
It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at www.twitch.tv/TrimarcSecur...
11 am PT / 2 pm ET
💥 Hacking Demystified, featuring Dave Kennedy
It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at www.twitch.tv/TrimarcSecur...
Through dragon’s fire, a spark ignites,
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.
Thank you for joining us during this #30DaysOfVision adventure!
Happy New Year from the Trimarc crew 🐉
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.
Thank you for joining us during this #30DaysOfVision adventure!
Happy New Year from the Trimarc crew 🐉
December 31, 2024 at 9:04 PM
Through dragon’s fire, a spark ignites,
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.
Thank you for joining us during this #30DaysOfVision adventure!
Happy New Year from the Trimarc crew 🐉
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.
Thank you for joining us during this #30DaysOfVision adventure!
Happy New Year from the Trimarc crew 🐉
Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.
December 30, 2024 at 8:53 PM
Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.
Often, some of the most enlightening parts of a webcast or livestream are the questions that audience members ask at the end of a presentation.
The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.
The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.
December 29, 2024 at 2:34 PM
Often, some of the most enlightening parts of a webcast or livestream are the questions that audience members ask at the end of a presentation.
The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.
The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.
#30DaysOfVision, Day 27: Agents of Chaos.
Any analyst or security engineer who has been around long enough has an intimate relationship w/ agent fatigue. It’s not enough to have to worry about the processing needs of an agent for each product, but also the greedy permission models that come w/ them.
Any analyst or security engineer who has been around long enough has an intimate relationship w/ agent fatigue. It’s not enough to have to worry about the processing needs of an agent for each product, but also the greedy permission models that come w/ them.
December 28, 2024 at 1:58 PM
#30DaysOfVision, Day 27: Agents of Chaos.
Any analyst or security engineer who has been around long enough has an intimate relationship w/ agent fatigue. It’s not enough to have to worry about the processing needs of an agent for each product, but also the greedy permission models that come w/ them.
Any analyst or security engineer who has been around long enough has an intimate relationship w/ agent fatigue. It’s not enough to have to worry about the processing needs of an agent for each product, but also the greedy permission models that come w/ them.
This is Jim Sykora (@jimsycurity.adminsdholder.com), Trimarc Security Consultant and author of an awesomesauce white paper, "Owner or Pwned.”
Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.
Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.
December 27, 2024 at 9:57 PM
This is Jim Sykora (@jimsycurity.adminsdholder.com), Trimarc Security Consultant and author of an awesomesauce white paper, "Owner or Pwned.”
Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.
Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.
#30DaysOfVision - Day 25 - Criticality.
Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality?
We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.
Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality?
We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.
December 26, 2024 at 9:03 PM
#30DaysOfVision - Day 25 - Criticality.
Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality?
We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.
Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality?
We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.
💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett]
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision
December 25, 2024 at 10:19 PM
💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett]
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision
#30DaysOfVision - Day 23: Environment Risk Score
Whether it’s last-minute shopping or moving that dang Elf to a new spot on the shelf, sometimes you don't have time for a deep dive to assess issues in your #ActiveDirectory environment. You need to locate the problem & start focusing on remediation.
Whether it’s last-minute shopping or moving that dang Elf to a new spot on the shelf, sometimes you don't have time for a deep dive to assess issues in your #ActiveDirectory environment. You need to locate the problem & start focusing on remediation.
December 24, 2024 at 8:42 PM
#30DaysOfVision - Day 23: Environment Risk Score
Whether it’s last-minute shopping or moving that dang Elf to a new spot on the shelf, sometimes you don't have time for a deep dive to assess issues in your #ActiveDirectory environment. You need to locate the problem & start focusing on remediation.
Whether it’s last-minute shopping or moving that dang Elf to a new spot on the shelf, sometimes you don't have time for a deep dive to assess issues in your #ActiveDirectory environment. You need to locate the problem & start focusing on remediation.
Day 22 of #30DaysOfVision: Prepare to be wowed by the AD insights and skillful sleight of hand of Trimarc Senior Security Consultant, Brandon Colley.
You may have seen his talk on Winning the Game of Active Directory during #DEFCON 32, but did you know that Brandon is also a whiz at card tricks?
You may have seen his talk on Winning the Game of Active Directory during #DEFCON 32, but did you know that Brandon is also a whiz at card tricks?
December 23, 2024 at 9:58 PM
Day 22 of #30DaysOfVision: Prepare to be wowed by the AD insights and skillful sleight of hand of Trimarc Senior Security Consultant, Brandon Colley.
You may have seen his talk on Winning the Game of Active Directory during #DEFCON 32, but did you know that Brandon is also a whiz at card tricks?
You may have seen his talk on Winning the Game of Active Directory during #DEFCON 32, but did you know that Brandon is also a whiz at card tricks?
We are an industry of proud nerds. Star Trek, Star Wars, Battlestar Galactica… collecting things IS our thing. 🤓 Trimarc Vision was built by those same nerds, so we gave you Collections of Forests.
A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.
A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.
December 22, 2024 at 2:34 PM
We are an industry of proud nerds. Star Trek, Star Wars, Battlestar Galactica… collecting things IS our thing. 🤓 Trimarc Vision was built by those same nerds, so we gave you Collections of Forests.
A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.
A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.
#30DaysOfVision - Day 20 - Mergers & Acquisitions + Comparing Forests.
Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A?
Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A?
December 21, 2024 at 1:35 PM
#30DaysOfVision - Day 20 - Mergers & Acquisitions + Comparing Forests.
Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A?
Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A?
It's Day 19 of #30DaysOfVision, and it's time for the FINAL Trimarc Dragon's Breath Newsletter of 2024... so deck the domains, jingle those GPOs, and get a good whiff. 🐉
December 20, 2024 at 7:37 PM
It's Day 19 of #30DaysOfVision, and it's time for the FINAL Trimarc Dragon's Breath Newsletter of 2024... so deck the domains, jingle those GPOs, and get a good whiff. 🐉
#30DaysOfVision - Day 18 - Vintage Passwords
Cars can be classified as Classic/Antique after the 10-year mark. So can KRBTGT passwords.
Trimarc Vision's Remediation Planner not only describes how to fix issues, it gives you the PowerShell cmdlets to do it.
Cars can be classified as Classic/Antique after the 10-year mark. So can KRBTGT passwords.
Trimarc Vision's Remediation Planner not only describes how to fix issues, it gives you the PowerShell cmdlets to do it.
December 19, 2024 at 11:25 PM
#30DaysOfVision - Day 18 - Vintage Passwords
Cars can be classified as Classic/Antique after the 10-year mark. So can KRBTGT passwords.
Trimarc Vision's Remediation Planner not only describes how to fix issues, it gives you the PowerShell cmdlets to do it.
Cars can be classified as Classic/Antique after the 10-year mark. So can KRBTGT passwords.
Trimarc Vision's Remediation Planner not only describes how to fix issues, it gives you the PowerShell cmdlets to do it.
We've shown you the Trimarc Vision UI and talked about what it does. Now let's talk about the most important thing… WHY?
Why did a services company decide to build a product?
Why did a services company decide to build a product?
December 18, 2024 at 9:06 PM
We've shown you the Trimarc Vision UI and talked about what it does. Now let's talk about the most important thing… WHY?
Why did a services company decide to build a product?
Why did a services company decide to build a product?
Day 16 of #30DaysOfVision: "The woods are lovely, dark & deep. But I have promises to keep, & miles to go before I convince people to audit their AD Admin group membership." ~Robert Frost, 1776
We designed Trimarc Vision from its inception to scale so we can support a wide variety of environments.
We designed Trimarc Vision from its inception to scale so we can support a wide variety of environments.
December 17, 2024 at 8:47 PM
Day 16 of #30DaysOfVision: "The woods are lovely, dark & deep. But I have promises to keep, & miles to go before I convince people to audit their AD Admin group membership." ~Robert Frost, 1776
We designed Trimarc Vision from its inception to scale so we can support a wide variety of environments.
We designed Trimarc Vision from its inception to scale so we can support a wide variety of environments.
As poet and lyricist Jon Bon Jovi proclaims, “Woooah, we’re halfway there.”
Woooah, it’s officially Day 15 of our #30DaysOfVision escapades, and today we're talking about MERGERS & ACQUISITIONS.
youtu.be/TP5Gj7ZjxTQ?...
Woooah, it’s officially Day 15 of our #30DaysOfVision escapades, and today we're talking about MERGERS & ACQUISITIONS.
youtu.be/TP5Gj7ZjxTQ?...
Trimarc Vision - Scenario 2 - Mergers and Acquisitions
YouTube video by Trimarc Security
youtu.be
December 16, 2024 at 9:33 PM
As poet and lyricist Jon Bon Jovi proclaims, “Woooah, we’re halfway there.”
Woooah, it’s officially Day 15 of our #30DaysOfVision escapades, and today we're talking about MERGERS & ACQUISITIONS.
youtu.be/TP5Gj7ZjxTQ?...
Woooah, it’s officially Day 15 of our #30DaysOfVision escapades, and today we're talking about MERGERS & ACQUISITIONS.
youtu.be/TP5Gj7ZjxTQ?...
30 Days of Vision: Day 14 - Level of Effort 💪
Even on Sunday? Well, it’s Monday in Australia, Bangladesh, and Fiji so yes, absolutely. Looking up world clocks is a very low level of effort. We like that. So, we baked that same minimal guesswork into Trimarc Vision for Active Directory.
Even on Sunday? Well, it’s Monday in Australia, Bangladesh, and Fiji so yes, absolutely. Looking up world clocks is a very low level of effort. We like that. So, we baked that same minimal guesswork into Trimarc Vision for Active Directory.
December 15, 2024 at 2:16 PM
30 Days of Vision: Day 14 - Level of Effort 💪
Even on Sunday? Well, it’s Monday in Australia, Bangladesh, and Fiji so yes, absolutely. Looking up world clocks is a very low level of effort. We like that. So, we baked that same minimal guesswork into Trimarc Vision for Active Directory.
Even on Sunday? Well, it’s Monday in Australia, Bangladesh, and Fiji so yes, absolutely. Looking up world clocks is a very low level of effort. We like that. So, we baked that same minimal guesswork into Trimarc Vision for Active Directory.
We’re up to Day 13 of our 30 Days of Vision (yes, even on weekends… that’s how this shtick works).
All Findings in Trimarc Vision for #ActiveDirectory are scored by their severity level. A quick click on the Vision dashboard sorts all Findings by their scoring.
All Findings in Trimarc Vision for #ActiveDirectory are scored by their severity level. A quick click on the Vision dashboard sorts all Findings by their scoring.
December 14, 2024 at 2:24 PM
We’re up to Day 13 of our 30 Days of Vision (yes, even on weekends… that’s how this shtick works).
All Findings in Trimarc Vision for #ActiveDirectory are scored by their severity level. A quick click on the Vision dashboard sorts all Findings by their scoring.
All Findings in Trimarc Vision for #ActiveDirectory are scored by their severity level. A quick click on the Vision dashboard sorts all Findings by their scoring.
It’s Day 12 of #30DaysOfVision! To quote painter/philosopher/visionary Bob Ross, “We don’t make mistakes, we have happy accidents.” 🌳
Welp, last Friday we had a “happy accident” and got our wires crossed about which REstream would be REstreaming.
Welp, last Friday we had a “happy accident” and got our wires crossed about which REstream would be REstreaming.
December 13, 2024 at 6:42 PM
It’s Day 12 of #30DaysOfVision! To quote painter/philosopher/visionary Bob Ross, “We don’t make mistakes, we have happy accidents.” 🌳
Welp, last Friday we had a “happy accident” and got our wires crossed about which REstream would be REstreaming.
Welp, last Friday we had a “happy accident” and got our wires crossed about which REstream would be REstreaming.
Reposted by Trimarc
This post from 2017(?) is still one I use every week I teach when asked how to detect kerberoasting. The folks at @trimarc.bsky.social have always been my go-to resource for AD security.
www.hub.trimarcsecurity.com/post/trimarc...
www.hub.trimarcsecurity.com/post/trimarc...
Trimarc Research: Detecting Kerberoasting Activity
Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without sending any packets to the target system. This attack is effective s...
www.hub.trimarcsecurity.com
December 13, 2024 at 9:07 AM
This post from 2017(?) is still one I use every week I teach when asked how to detect kerberoasting. The folks at @trimarc.bsky.social have always been my go-to resource for AD security.
www.hub.trimarcsecurity.com/post/trimarc...
www.hub.trimarcsecurity.com/post/trimarc...
It's the 12th day of December and Day 11 of our 30 Days Of Vision, so it's time for a (fairly cheesy) song...
🎶 On the 12th day of December,
Trimarc and Clarity gave to meee,
a clearer path to securing AD!
🎶 On the 12th day of December,
Trimarc and Clarity gave to meee,
a clearer path to securing AD!
December 12, 2024 at 1:14 PM
It's the 12th day of December and Day 11 of our 30 Days Of Vision, so it's time for a (fairly cheesy) song...
🎶 On the 12th day of December,
Trimarc and Clarity gave to meee,
a clearer path to securing AD!
🎶 On the 12th day of December,
Trimarc and Clarity gave to meee,
a clearer path to securing AD!
On Day 10 of #30DaysOfVision, you can catch visionary @dotdot.horse on this @antisyphontraining.bsky.social Anti-Cast!
🔒 Finding and Fixing AD CS Issues with Locksmith
TODAY (Dec 11) at 12:00 pm ET
🔒 Finding and Fixing AD CS Issues with Locksmith
TODAY (Dec 11) at 12:00 pm ET
December 11, 2024 at 3:47 PM
On Day 10 of #30DaysOfVision, you can catch visionary @dotdot.horse on this @antisyphontraining.bsky.social Anti-Cast!
🔒 Finding and Fixing AD CS Issues with Locksmith
TODAY (Dec 11) at 12:00 pm ET
🔒 Finding and Fixing AD CS Issues with Locksmith
TODAY (Dec 11) at 12:00 pm ET
Day 9 of 30 Days of Vision, and we’re getting into the meaty stuff.
Assessments & portals full of data are nothing if you don't know where to even begin remediation. Welcome to Remediation Planner. We could tell you how it works, but we'd rather show you.
Assessments & portals full of data are nothing if you don't know where to even begin remediation. Welcome to Remediation Planner. We could tell you how it works, but we'd rather show you.
December 10, 2024 at 4:42 PM
Day 9 of 30 Days of Vision, and we’re getting into the meaty stuff.
Assessments & portals full of data are nothing if you don't know where to even begin remediation. Welcome to Remediation Planner. We could tell you how it works, but we'd rather show you.
Assessments & portals full of data are nothing if you don't know where to even begin remediation. Welcome to Remediation Planner. We could tell you how it works, but we'd rather show you.
Is your #ActiveDirectory environment overly-complex as a result of dreaded AD sprawl?
December 9, 2024 at 2:30 PM
Is your #ActiveDirectory environment overly-complex as a result of dreaded AD sprawl?