Olivia
Online
Trimarc
@TrimarcSecurity
We are the experts in Active Directory, Entra ID, and Identity security. Find out more about our services at
Washington, DC
Joined February 2016
133 Following
5.2K Followers
1.6K Posts
Excited to announce that @TrimarcSecurity and @TrustedSec are joining forces.
Happy to welcome over the amazing #Trimarc folks led by @PyroTek3 over to the #TrustedSec team and further expand our capabilities at TS.
https://t.co/z17zwkiBz4
❌ Admins, please block Device Code Flows (DCF) in your tenant today!!
In the post below I share how device code phishing works, the CA policy to create and finally show how it get's blocked with the policy.
🧵👇
Behind every major hack is:
A complex technical explanation
A human story
And usually a really dumb mistake
I tell all three.
Join us in 30 minutes for a REstream of our previous Happy Hour episode:
11 am PT / 2 pm ET
💥 Hacking Demystified, featuring @HackingDave
It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at https://t.co/9syOfZsYgO
Who to follow
Sean Metcalf 
@PyroTek3
Identity Security Architect @ TrustedSec. Microsoft Certified Master #ActiveDirectory & former Microsoft MVP. Co-Host @ Enterprise Security Weekly. He/Him. #BLM
DirectoryRanger
@DirectoryRanger
This account assembles and disseminates information related to Active Directory and Windows security.
Will Schroeder
@harmj0y
Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary.
Grab the fresh release of Locksmith to help secure your Active Directory Certificate Services in 2025!
This free tool now includes risk ratings and other improvements.
Install-Module Locksmith -Scope CurrentUser
https://t.co/If55hLmP61
#ActiveDirectory #ADCS #PKI #PowerShell
Through dragon’s fire, a spark ignites,
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.
Thank you for joining us during this #30DaysOfVision adventure!
Happy New Year from the Trimarc crew 🐉
@TrimarcSecurity If you have on prem AD you need this!
Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.
With dozens to hundreds of thousands of AD users often spread across multiple domains and forests, maintaining a strong security posture can be a daunting task. This is especially true when performing risk calculations, mergers and acquisitions, or conducting remediation planning.
But with the Trimarc Vision dashboards, organizations can now have a unified view of their AD security, real-world based risk scoring, and prioritized remediation guidance - all in one powerful tool that’s quick to deploy and simple to implement.
Early Access pricing wraps up at the end of January, so get a demo soon to see Trimarc Vision in action. https://t.co/O8LlubnIky
#30DaysOfVision #ADsecurity #EnterpriseSecurity
Often, some of the most enlightening parts of a webcast or livestream are the questions that audience members ask at the end of a presentation.
The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.
Questions included:
🔸 Are there plans to support Hybrid environments?
🔸 How are Service Accounts identified?
🔸 What AD level is required for Trimarc Vision to interrogate it?
🔸 How do you determine how the data was gathered?
🔸 Can alerts be generated if new vulnerabilities are generated?
🔸 Do you plan to add auto sync?
🔸 Is Trimarc Vision a real-time view?
🔸 How are risk scores calculated?
🔸 Do you offer an MSP license?
🔸 Does Trimarc Vision have an API/SIEM integration?
🔸 Can Trimarc Vision show AD health over time?
🔸 How does Trimarc Vision handle data security?
🔸 How do I sign up for Early Access to Trimarc Vision?*
Check out the video to hear responses from our founder and CTO, Sean Metcalf (@PyroTek3): https://t.co/glPHoUiIli
(*if you're considering signing up for Trimarc Vision, reach out soon, as Early Access pricing wraps up at the end of January)
#30DaysOfVision - Day 27 – Agents of Chaos.
Any analyst or security engineer who has been around long enough has an intimate relationship with agent fatigue. It’s not enough to have to worry about the processing needs of an agent for every product, but also the greedy permission models that come with them.
Too many product agents need the keys to your kingdom to be able to run. It’s enough already.
We practice & preach the least privileged model. The Trimarc Vision agent does NOT need to be installed on a DC, nor does it need admin level access. We’re a guest in your house; you’ll barely know we’re here, and we’ll help with the dishes. 💗
Learn how Trimarc Vision can help your security team monitor #ActiveDirectory more efficiently in this video from our founder and CTO, Sean Metcalf (@PyroTek3): https://t.co/UmQMw1RxYi
This is Jim Sykora (@JimSycurity), Trimarc Security Consultant and author of an awesomesauce white paper, "Owner or Pwned.” Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.
Read the white paper to learn about discovering and remediating AD object ownership issues: https://t.co/tTTUvn5gMp
And since it’s Day 26 of #30DaysOfVision, we’d be remiss if we didn’t mention that Trimarc Vision checks for the ability to take ownership of privileged objects in #ActiveDirectory. Why is this important? Well, the default behavior in Active Directory allows the Owner of an AD Object to fully control that Object.
Do you know who owns objects in your AD Forest? Do you know which AD Object Owners could compromise your AD Forest? Do you know who could own your AD Objects and who could Pwn your AD?
Get instant answers to these and more questions with the dashboards in Trimarc Vision for Active Directory. Get a demo at https://t.co/O8Lluboga6
#30DaysOfVision - Day 25 - Criticality.
Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality? We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.
The bar for Critical: One step away from total compromise of a domain or forest. Like this tasty morsel right here.
For more information on Trimarc Vision for #ActiveDirectory and all of Trimarc's services, visit https://t.co/7yYf8PNCb0
💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett]
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision
![TrimarcSecurity's tweet photo. 💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett]
We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.
#30DaysOfVision https://t.co/FlVL77CcJb](https://pbs.twimg.com/media/GfrWSJbXYAAu3zu.jpg)
#30DaysOfVision - Day 23 - Environment Risk Score (ERS)
Whether it’s last-minute shopping, wrapping, or moving that dang Elf to a new place on the shelf, sometimes you just don't have the time for a deep dive to assess issues in your #ActiveDirectory environment.
You need to see where the problem is and start focusing your efforts on remediation.
Trimarc Vision's ERS is based on the severity of each individual Finding it uncovers. That way, you can fix what needs fixin’ in your AD environment and get right back to dreideling, wassailing, and decking the halls.
https://t.co/O8Lluboga6
It's Day 22 of 30 Days of Vision... prepare to be wowed by the AD insights and skillful sleight of hand of @TrimarcSecurity Senior Security Consultant, Brandon Colley (@TechBrandon).
You may have seen his talk on "Winning the Game of Active Directory" during DEF CON 32, but did you know that Brandon is also a whiz at performing card tricks? Last week, Brandon razzled and dazzled viewers during the Cybersecurity Cares streamathon and raised money for a great cause: @BeckysFund, a nonprofit on a mission to end domestic violence.
Today you can choose your VISION adventure... view Brandon's talk from DEF CON 32, or check out his card trick wizardry from the Cybersecurity Cares streamathon (or both!)
🎤 Winning the Game of Active Directory talk at @defcon 32:
https://t.co/pDq6zpsJXO
🎩 Brandon the Magnificent on the @Cybersec_Cares Streamathon:
https://t.co/vDoghokYO0
#30DaysOfVision
#30DaysOfVision - Day 21 - Collectibles.
We are an industry of proud nerds. Star Trek, Star Wars, Battlestar Galactica… collecting things IS our thing. 🤓 Trimarc Vision was built by those same nerds, so we gave you Collections of Forests.
A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.
Collections enable easy grouping/analysis of forests in your environment, easily accessible within the Trimarc Vision UI.
For more in-depth clicking around, check out https://t.co/cilpVshAvU
#30DaysOfVision - Day 20 - Mergers & Acquisitions + Comparing Forests.
Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A? Trimarc Vision for #ActiveDirectory can compare forests, displaying info like number and category of findings.
Trimarc Vision is available at Early Access pricing until the end of January, so visit https://t.co/cilpVsh2Gm to learn more and schedule a customized demo.
It's Day 19 of 30 Days Of Vision, and it's time for the final Trimarc Dragon's Breath newsletter of 2024, so get a good whiff. 🐉
Deck the domains, jingle those GPOs, and enjoy a plethora of AD security content, a great deal on Trimarc Vision, free security tools, and insights from Jake Hildreth, @Bandrel, Ram Jeyaraman, @Cyberagent101, @AugustVansickl2, Sarah Scott, @PyroTek3, James Davison, and @PhillipWylie of @thehackermaker.
https://t.co/XrIunExtXJ
#30DaysOfVision #ADsecurity #EnterpriseSecurity
Last Seen Users on Sotwe
Nihat
Seen from Turkey
Hazal Kılınç
Seen from Turkey
WANIMAL | Official
Seen from United States
cari janda yang setia
Seen from Singapore
Colillero
Seen from Ecuador
鱼s
Seen from United States
Wisata Malam
Seen from Indonesia
unpopular opinion
maya larasati
Seen from Indonesia
พิชญา
Seen from Thailand
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers