Trimarc

Excited to announce that @TrimarcSecurity and @TrustedSec are joining forces. Happy to welcome over the amazing #Trimarc folks led by @PyroTek3 over to the #TrustedSec team and further expand our capabilities at TS. prweb.com/releases/trima…

❌ Admins, please block Device Code Flows (DCF) in your tenant today!! In the post below I share how device code phishing works, the CA policy to create and finally show how it get's blocked with the policy. 🧵👇

Behind every major hack is: A complex technical explanation A human story And usually a really dumb mistake I tell all three.

Join us in 30 minutes for a REstream of our previous Happy Hour episode: 11 am PT / 2 pm ET 💥 Hacking Demystified, featuring @HackingDave It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at spotify.trimarcsecurity.com/4h0Zlt8

Grab the fresh release of Locksmith to help secure your Active Directory Certificate Services in 2025! This free tool now includes risk ratings and other improvements. Install-Module Locksmith -Scope CurrentUser github.com/TrimarcJake/Lo… #ActiveDirectory #ADCS #PKI #PowerShell

Through dragon’s fire, a spark ignites, A Vision burns through endless nights. To guard AD realms, to keep them clear, A more secure enterprise for this New Year. Thank you for joining us during this #30DaysOfVision adventure! Happy New Year from the Trimarc crew 🐉

@TrimarcSecurity If you have on prem AD you need this!

Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory. With dozens to hundreds of thousands of AD users often spread across multiple domains and forests, maintaining a strong security posture can be a daunting task. This is especially true when performing risk calculations, mergers and acquisitions, or conducting remediation planning. But with the Trimarc Vision dashboards, organizations can now have a unified view of their AD security, real-world based risk scoring, and prioritized remediation guidance - all in one powerful tool that’s quick to deploy and simple to implement. Early Access pricing wraps up at the end of January, so get a demo soon to see Trimarc Vision in action. trimarcvision.com #30DaysOfVision #ADsecurity #EnterpriseSecurity

Often, some of the most enlightening parts of a webcast or livestream are the questions that audience members ask at the end of a presentation. The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video. Questions included: 🔸 Are there plans to support Hybrid environments? 🔸 How are Service Accounts identified? 🔸 What AD level is required for Trimarc Vision to interrogate it? 🔸 How do you determine how the data was gathered? 🔸 Can alerts be generated if new vulnerabilities are generated? 🔸 Do you plan to add auto sync? 🔸 Is Trimarc Vision a real-time view? 🔸 How are risk scores calculated? 🔸 Do you offer an MSP license? 🔸 Does Trimarc Vision have an API/SIEM integration? 🔸 Can Trimarc Vision show AD health over time? 🔸 How does Trimarc Vision handle data security? 🔸 How do I sign up for Early Access to Trimarc Vision?* Check out the video to hear responses from our founder and CTO, Sean Metcalf (@PyroTek3): youtu.be/nR1fTfSjcmY?si… (*if you're considering signing up for Trimarc Vision, reach out soon, as Early Access pricing wraps up at the end of January)

#30DaysOfVision - Day 27 – Agents of Chaos. Any analyst or security engineer who has been around long enough has an intimate relationship with agent fatigue. It’s not enough to have to worry about the processing needs of an agent for every product, but also the greedy permission models that come with them. Too many product agents need the keys to your kingdom to be able to run. It’s enough already. We practice & preach the least privileged model. The Trimarc Vision agent does NOT need to be installed on a DC, nor does it need admin level access. We’re a guest in your house; you’ll barely know we’re here, and we’ll help with the dishes. 💗 Learn how Trimarc Vision can help your security team monitor #ActiveDirectory more efficiently in this video from our founder and CTO, Sean Metcalf (@PyroTek3): youtu.be/oXlTU7ibfWo?si…

This is Jim Sykora (@JimSycurity), Trimarc Security Consultant and author of an awesomesauce white paper, "Owner or Pwned.” Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references. Read the white paper to learn about discovering and remediating AD object ownership issues: bit.ly/TWOOP And since it’s Day 26 of #30DaysOfVision, we’d be remiss if we didn’t mention that Trimarc Vision checks for the ability to take ownership of privileged objects in #ActiveDirectory. Why is this important? Well, the default behavior in Active Directory allows the Owner of an AD Object to fully control that Object. Do you know who owns objects in your AD Forest? Do you know which AD Object Owners could compromise your AD Forest? Do you know who could own your AD Objects and who could Pwn your AD? Get instant answers to these and more questions with the dashboards in Trimarc Vision for Active Directory. Get a demo at trimarcvision.com

#30DaysOfVision - Day 25 - Criticality. Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality? We define them in Vision as we always have for our assessments like our Active Directory Security Assessment. The bar for Critical: One step away from total compromise of a domain or forest. Like this tasty morsel right here. For more information on Trimarc Vision for #ActiveDirectory and all of Trimarc's services, visit trimarcsecurity.com

💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett] We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise. #30DaysOfVision

#30DaysOfVision - Day 23 - Environment Risk Score (ERS) Whether it’s last-minute shopping, wrapping, or moving that dang Elf to a new place on the shelf, sometimes you just don't have the time for a deep dive to assess issues in your #ActiveDirectory environment. You need to see where the problem is and start focusing your efforts on remediation. Trimarc Vision's ERS is based on the severity of each individual Finding it uncovers. That way, you can fix what needs fixin’ in your AD environment and get right back to dreideling, wassailing, and decking the halls. trimarcvision.com

@muxluxx We appreciate you, @muxluxx!

Thank you to the @TrimarcSecurity team for sending me this! I just got this and it was a pleasure to present at #Tricon2024 Thank you again!! ❤️❤️❤️🥰 #itsecurity

It's Day 22 of 30 Days of Vision... prepare to be wowed by the AD insights and skillful sleight of hand of @TrimarcSecurity Senior Security Consultant, Brandon Colley (@TechBrandon). You may have seen his talk on "Winning the Game of Active Directory" during DEF CON 32, but did you know that Brandon is also a whiz at performing card tricks? Last week, Brandon razzled and dazzled viewers during the Cybersecurity Cares streamathon and raised money for a great cause: @BeckysFund, a nonprofit on a mission to end domestic violence. Today you can choose your VISION adventure... view Brandon's talk from DEF CON 32, or check out his card trick wizardry from the Cybersecurity Cares streamathon (or both!) 🎤 Winning the Game of Active Directory talk at @defcon 32: youtu.be/M-2d3sM3I2o?si… 🎩 Brandon the Magnificent on the @Cybersec_Cares Streamathon: youtube.com/live/4648dYf8c… #30DaysOfVision

#30DaysOfVision - Day 21 - Collectibles. We are an industry of proud nerds. Star Trek, Star Wars, Battlestar Galactica… collecting things IS our thing. 🤓 Trimarc Vision was built by those same nerds, so we gave you Collections of Forests. A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard. Collections enable easy grouping/analysis of forests in your environment, easily accessible within the Trimarc Vision UI. For more in-depth clicking around, check out TrimarcVision.com

#30DaysOfVision - Day 20 - Mergers & Acquisitions + Comparing Forests. Wondering how one of your existing forests measures up to another? Have questions about a potential new forest addition during an M&A? Trimarc Vision for #ActiveDirectory can compare forests, displaying info like number and category of findings. Trimarc Vision is available at Early Access pricing until the end of January, so visit TrimarcVision.com to learn more and schedule a customized demo.

It's Day 19 of 30 Days Of Vision, and it's time for the final Trimarc Dragon's Breath newsletter of 2024, so get a good whiff. 🐉 Deck the domains, jingle those GPOs, and enjoy a plethora of AD security content, a great deal on Trimarc Vision, free security tools, and insights from Jake Hildreth, @Bandrel, Ram Jeyaraman, @Cyberagent101, @AugustVansickl2, Sarah Scott, @PyroTek3, James Davison, and @PhillipWylie of @thehackermaker. linkedin.com/pulse/december… #30DaysOfVision #ADsecurity #EnterpriseSecurity