Threading the Needles: Why Defense in Depth Still Matters

Threading the Needles: Why Defense in Depth Still Matters

By Mike Saunders | January 6, 2021

I recently performed an assumed breach test against what I would consider an Apex Defender organization. The security team is smart, well-funded, extremely capable, and resourceful. The team has both […]

Learn More
Threading the Needles: Why Defense in Depth Still Matters

Deceiving the Red Team with GPP

By Mike Saunders | March 24, 2020

A common tactic used by pen testers, “red teams”, and threat actors is searching for Group Policy Preference (GPP) files with usernames and passwords. These XML files, stored in the […]

Learn More
Deceiving the Red Team with GPP