Attack Path Effectiveness Review

Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC

Posted on January 13, 2022 by Nathan Noll

I briefly mentioned using DKIM to verify an email’s sender in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into how organizations can help stop email spoofing using a combination of three…

The post Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC appeared first on TrustedSec.

Continue reading Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC→

Real or Fake? How to Spoof Email

Posted on January 11, 2022 by Nathan Noll

I briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into why email sender addresses are so easy to forge and…

The post Real or Fake? How to Spoof Email appeared first on TrustedSec.

Continue reading Real or Fake? How to Spoof Email→

The Backup Paradigm Shift: Moving Toward Attack Response Systems

Posted on June 15, 2021 by Nathan Noll

Black Hawk Down I’m guessing a lot of us in the IT and Security space have experienced the gut wrenching feeling of not receiving that ICMP ping reply you were expecting from a production system, be it a firewall, switch, or server. Was there a recent configuration change that happened prior to the last reboot?…

The post The Backup Paradigm Shift: Moving Toward Attack Response Systems appeared first on TrustedSec.

Continue reading The Backup Paradigm Shift: Moving Toward Attack Response Systems→

ADExplorer on Engagements

Posted on April 27, 2021 by Amanda Mates

ADExplorer is a tool I have always had in my backpack. It can be useful for both offensive and defensive purposes, but in this post, I am going to focus more on its offensive use. The tool itself can be found here: https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer A typical scenario I often face on engagements is that I have…

The post ADExplorer on Engagements appeared first on TrustedSec.

Continue reading ADExplorer on Engagements→

Yes, It’s Time for a Security Gap Assessment

Posted on March 23, 2021 by Nathan Noll

For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely…

The post Yes, It’s Time for a Security Gap Assessment appeared first on TrustedSec.

Continue reading Yes, It’s Time for a Security Gap Assessment→

Two Simple Ways to Start Using the MITRE ATT&CK Framework

Posted on August 25, 2020 by Nathan Noll

While there is a wealth of free information intended to help larger organizations use the MITRE ATT&CKTM Framework, these resources often assume that the reader has dedicated security teams, deep technical skills, and/or a catalog of supporting security tools. But what if small organizations, compliance teams, or risk management professionals want to leverage ATT&CK? Never…

The post Two Simple Ways to Start Using the MITRE ATT&CK Framework appeared first on TrustedSec.

Continue reading Two Simple Ways to Start Using the MITRE ATT&CK Framework→

Using Effectiveness Assessments to Identify Quick Wins

Posted on June 23, 2020 by Nathan Noll

An organization’s overall security posture can be viewed from multiple different angles, such as technical assessments, program assessments, controls assessments, and risk assessments. A number of different frameworks for each of these assessment types exist, intended to help both technical teams as well as leadership organize security program building activities. Some of these include: Penetration…

The post Using Effectiveness Assessments to Identify Quick Wins appeared first on TrustedSec.

Continue reading Using Effectiveness Assessments to Identify Quick Wins→

Want Better Alerting? Consider Your Business Processes

Posted on May 19, 2020 by Nathan Noll

Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they…

The post Want Better Alerting? Consider Your Business Processes appeared first on TrustedSec.

Continue reading Want Better Alerting? Consider Your Business Processes→

The Three Step Security Strategy

Posted on October 8, 2019 by Nathan Noll

Why Does Strategy Matter? The term ‘security strategy’ can be ambiguous and often means different things to different people. Because of this, many organizations do not have a formalized security strategy and those that do may not have an effective one. This is understandable. Managing the day-to-day issues associated with a security program (alerts, audits,…

The post The Three Step Security Strategy appeared first on TrustedSec.

Continue reading The Three Step Security Strategy→

Top 10 MITRE ATT&CK™ Techniques

Posted on August 22, 2019 by Nathan Noll

The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) Framework (https://attack.mitre.org/) is “a globally-accessible knowledge base of adversary tactics and techniques” that is “open and available to any person or organization for use at no charge.” One of the most beautiful parts of the MITRE ATT&CK™ Framework is that its information can be analyzed to…

The post Top 10 MITRE ATT&CK™ Techniques appeared first on TrustedSec.

Continue reading Top 10 MITRE ATT&CK™ Techniques→