Trimarc Security

01/10/2025

Join us in 30 minutes for a REstream of our previous Happy Hour episode:

11 am PT / 2 pm ET
💥 Hacking Demystified, featuring Dave Kennedy

It's a replay of our previous livestream, but we'll be commenting LIVE on Twitch, so join the conversation at https://spotify.trimarcsecurity.com/3PsEe7n

01/01/2025

Through dragon’s fire, a spark ignites,
A Vision burns through endless nights.
To guard AD realms, to keep them clear,
A more secure enterprise for this New Year.

Thank you for joining us during this adventure!

Happy New Year from the Trimarc crew 🐉

12/30/2024

Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.

With dozens to hundreds of thousands of AD users often spread across multiple domains and forests, maintaining a strong security posture can be a daunting task. This is especially true when performing risk calculations, mergers and acquisitions, or conducting remediation planning.

But with the Trimarc Vision dashboards, organizations can now have a unified view of their AD security, real-world based risk scoring, and prioritized remediation guidance - all in one powerful tool that’s quick to deploy and simple to implement.

Early Access pricing wraps up at the end of January, so get a demo soon to see Trimarc Vision in action. https://spotify.trimarcsecurity.com/4gVJgET

12/29/2024

Often, some of the most enlightening parts of a webcast or livestream are the questions that audience members ask at the end of a presentation.

The questions our viewers asked at the end of our Trimarc Vision webcast were so good that we decided to break them out into a separate Q&A video.

Questions included:

🔸 Are there plans to support Hybrid environments?
🔸 How are Service Accounts identified?
🔸 What AD level is required for Trimarc Vision to interrogate it?
🔸 How do you determine how the data was gathered?
🔸 Can alerts be generated if new vulnerabilities are generated?
🔸 Do you plan to add auto sync?
🔸 Is Trimarc Vision a real-time view?
🔸 How are risk scores calculated?
🔸 Do you offer an MSP license?
🔸 Does Trimarc Vision have an API/SIEM integration?
🔸 Can Trimarc Vision show AD health over time?
🔸 How does Trimarc Vision handle data security?
🔸 How do I sign up for Early Access to Trimarc Vision?*

For Day 28 of , check out the Q&A video to hear responses from our founder and CTO, Sean Metcalf: https://spotify.trimarcsecurity.com/3BLO40N

(*if you're considering signing up for Trimarc Vision, reach out soon, as Early Access pricing wraps up at the end of January)

The Q&A portion of our webcast had the following audience questions:"Are there plans to support Hybrid environments?""How are Service Accounts identified?""W...

12/28/2024

- Day 27 – Agents of Chaos.

Any analyst or security engineer who has been around long enough has an intimate relationship with agent fatigue. It’s not enough to have to worry about the processing needs of an agent for every product, but also the greedy permission models that come with them.

Too many product agents need the keys to your kingdom to be able to run. It’s enough already.

We practice & preach the least privileged model. The Trimarc Vision agent does NOT need to be installed on a DC nor does it need admin level access. We’re a guest in your house; you’ll barely know we’re here, and we’ll help with the dishes. 💗

Learn how Trimarc Vision can help your security team monitor more efficiently in this video from our founder and CTO, Sean Metcalf:

How can Vision help your Security Team monitor Active Directory more efficiently?

12/27/2024

This is Jim Sykora, Trimarc Security Consultant and author of an awesomesauce white paper, "Owner or Pwned.” Jim smashes a year’s worth of research into 54 pages, complete with code snips, screenshots, and of course, Kenny Loggins references.

Read the white paper to learn about discovering and remediating AD object ownership issues: https://spotify.trimarcsecurity.com/49XMcys

And since it’s Day 26 of , we’d be remiss if we didn’t mention that Trimarc Vision checks for the ability to take ownership of privileged objects in . Why is this important? Well, the default behavior in Active Directory allows the Owner of an AD Object to fully control that Object.

Do you know who owns objects in your AD Forest? Do you know which AD Object Owners could compromise your AD Forest? Do you know who could own your AD Objects and who could Pwn your AD?

Get instant answers to these and more questions with the dashboards in Trimarc Vision for Active Directory. Get a demo at https://spotify.trimarcsecurity.com/41RtHtR

12/26/2024

- Day 25 - Criticality.

Let's dig a little more into Trimarc Vision's Findings. Obvious question: how does Trimarc define levels of criticality? We define them in Vision as we always have for our assessments like our Active Directory Security Assessment.

The bar for Critical: One step away from total compromise of a domain or forest. Like this tasty morsel right here.

For more information on Trimarc Vision for and all of Trimarc's services, visit https://spotify.trimarcsecurity.com/4fvnN4I

12/25/2024

💬 "Oh, there has to be something in the stocking that makes a noise. Otherwise, what is 4:30 AM for?" ~Death [in Hogfather, by Terry Pratchett]

We hope your holidays are warm, magical, and chock-full of your preferred level of festive noise.

12/24/2024

- Day 23 - Environment Risk Score (ERS)

Whether it’s last-minute shopping, wrapping, or moving that dang Elf to a new place on the shelf, sometimes you just don't have the time for a deep dive to assess issues in your environment. You need to see where the problem is and start focusing your efforts on remediation.

Trimarc Vision's ERS is based on the severity of each individual Finding it uncovers. That way, you can fix what needs fixin’ in your AD environment and get right back to dreideling, wassailing, and decking the halls.

https://spotify.trimarcsecurity.com/4gsJSSB

12/23/2024

It's Day 22 of 30 Days of Vision... prepare to be wowed by the AD insights and skillful sleight of hand of Trimarc Security Senior Security Consultant, Brandon Colley.

You may have seen his talk on "Winning the Game of Active Directory" during DEF CON 32, but did you know that Brandon is also a whiz at performing card tricks? Last week, Brandon razzled and dazzled viewers during the Cybersecurity Cares streamathon and raised money for a great cause:
Becky's Fund, a nonprofit on a mission to end domestic violence.

Today you can choose your VISION adventure... view Brandon's talk from DEF CON 32, or check out his card trick wizardry from the Cybersecurity Cares streamathon (or both!)

🎤 Winning the Game of Active Directory talk at DEFCON Hacking Conference 32:
https://spotify.trimarcsecurity.com/3PakkxD

🎩 Brandon the Magnificent on the Streamathon:
https://spotify.trimarcsecurity.com/3DvQ6Td

12/22/2024

- Day 21 - Collectibles.

We are an industry of proud nerds. Star Trek, Star Wars, Battlestar Galactica… collecting things IS our thing. 🤓 Trimarc Vision was built by those same nerds, so we gave you Collections of Forests.

A little harder to fit on a shelf, but it sure does look pretty in the Vision Dashboard.

Collections enable easy grouping/analysis of forests in your environment, easily accessible within the Trimarc Vision UI.

For more in-depth clicking around, check out https://spotify.trimarcsecurity.com/3BJkkSb

12/20/2024

It's Day 19 of 30 Days Of Vision, and it's time for the final Trimarc Dragon's Breath newsletter of 2024, so get a good whiff. 🐉

Deck the domains, jingle those GPOs, and enjoy a plethora of AD security content, a great deal on Trimarc Vision, free security tools, and insights from Jake Hildreth, Justin Bollinger, Ram Jeyaraman, Amr Ashraf, August van sickle, Sarah Scott, Sean Metcalf, James Davison, and Phillip Wylie.

https://spotify.trimarcsecurity.com/3VQtyD1

Welcome to December, the season of gift-giving, chestnuts roasting on open firewalls, and “Oh no, I left MFA disabled on prod.” It’s the time of year when security teams everywhere brace for a blizzard of phishing emails disguised as holiday e-cards from “HR.