Threading the Needles: Why Defense in Depth Still Matters
By Mike Saunders | January 6, 2021
I recently performed an assumed breach test against what I would consider an Apex Defender organization. The security team is smart, well-funded, extremely capable, and resourceful. The team has both […]
Learn MoreDeceiving the Red Team with GPP
By Mike Saunders | March 24, 2020
A common tactic used by pen testers, “red teams”, and threat actors is searching for Group Policy Preference (GPP) files with usernames and passwords. These XML files, stored in the […]
Learn More