Summary
In this episode of the Phillip Wylie Show, Sean Metcalf, an expert in Active Directory security, discusses his journey into cybersecurity, the evolution of Active Directory and Azure AD, and the common mistakes organizations make in cloud security. He emphasizes the importance of security assessments over penetration testing and shares insights into Trimarc's unique approach to security assessments. Sean also highlights the significance of scripting in security roles and discusses the future of Active Directory in hybrid environments. The episode concludes with information about Trimarc's new product, Trimarc Vision, aimed at enhancing Active Directory security.
Takeaways
- Sean Metcalf has assessed environments with up to 960,000 users.
- Active Directory security is often overlooked in organizations.
- Many organizations are making the same security mistakes in the cloud as they did on-premises.
- Security assessments are crucial for identifying potential vulnerabilities.
- Trimarc uses proprietary tools for in-depth security assessments.
- Scripting knowledge, especially in PowerShell, is beneficial for security professionals.
- Active Directory is not going away anytime soon due to legacy applications.
- Organizations should conduct security assessments every couple of years.
- Trimarc's assessments provide actionable insights for improving security.
- The new Trimarc Vision product aims to enhance Active Directory security monitoring.
Sound Bites
- "It's been quite a year."
- "I saw something change in the URL."
- "We're the identity experts."
Chapters
00:00 Introduction to Active Directory Security
03:33 Sean Metcalf's Hacker Origin Story
06:20 The Evolution of Active Directory and Azure AD
09:31 The Importance of Specialization in Cybersecurity
12:30 Active Directory Security Challenges
15:39 The Role of Security Assessments
18:26 Comparing Trimarc and Bloodhound
20:56 Understanding Active Directory Security Assessments
22:35 Getting Started in Active Directory Security
25:30 The Importance of Scripting in Security
34:43 The Hybrid Environment: On-Prem vs Cloud
37:23 Trimarc's Unique Services and Assessments
40:17 Frequency of Active Directory Assessments
42:21 Introducing Trimarc Vision
Resources
https://www.linkedin.com/in/seanmmetcalf/
https://www.linkedin.com/company/trimarcsecurity/
https://www.trimarcsecurity.com/
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Are You A Charlotte?
In 1997, actress Kristin Davis’ life was forever changed when she took on the role of Charlotte York in Sex and the City. As we watched Carrie, Samantha, Miranda and Charlotte navigate relationships in NYC, the show helped push once unacceptable conversation topics out of the shadows and altered the narrative around women and sex. We all saw ourselves in them as they searched for fulfillment in life, sex and friendships. Now, Kristin Davis wants to connect with you, the fans, and share untold stories and all the behind the scenes. Together, with Kristin and special guests, what will begin with Sex and the City will evolve into talks about themes that are still so relevant today. "Are you a Charlotte?" is much more than just rewatching this beloved show, it brings the past and the present together as we talk with heart, humor and of course some optimism.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.