Summary
In this episode of the Phillip Wylie Show, Sean Metcalf, an expert in Active Directory security, discusses his journey into cybersecurity, the evolution of Active Directory and Azure AD, and the common mistakes organizations make in cloud security. He emphasizes the importance of security assessments over penetration testing and shares insights into Trimarc's unique approach to security assessments. Sean also highlights the significance of scripting in security roles and discusses the future of Active Directory in hybrid environments. The episode concludes with information about Trimarc's new product, Trimarc Vision, aimed at enhancing Active Directory security.
Takeaways
- Sean Metcalf has assessed environments with up to 960,000 users.
- Active Directory security is often overlooked in organizations.
- Many organizations are making the same security mistakes in the cloud as they did on-premises.
- Security assessments are crucial for identifying potential vulnerabilities.
- Trimarc uses proprietary tools for in-depth security assessments.
- Scripting knowledge, especially in PowerShell, is beneficial for security professionals.
- Active Directory is not going away anytime soon due to legacy applications.
- Organizations should conduct security assessments every couple of years.
- Trimarc's assessments provide actionable insights for improving security.
- The new Trimarc Vision product aims to enhance Active Directory security monitoring.
Sound Bites
- "It's been quite a year."
- "I saw something change in the URL."
- "We're the identity experts."
Chapters
00:00 Introduction to Active Directory Security
03:33 Sean Metcalf's Hacker Origin Story
06:20 The Evolution of Active Directory and Azure AD
09:31 The Importance of Specialization in Cybersecurity
12:30 Active Directory Security Challenges
15:39 The Role of Security Assessments
18:26 Comparing Trimarc and Bloodhound
20:56 Understanding Active Directory Security Assessments
22:35 Getting Started in Active Directory Security
25:30 The Importance of Scripting in Security
34:43 The Hybrid Environment: On-Prem vs Cloud
37:23 Trimarc's Unique Services and Assessments
40:17 Frequency of Active Directory Assessments
42:21 Introducing Trimarc Vision
Resources
https://www.linkedin.com/in/seanmmetcalf/
https://www.linkedin.com/company/trimarcsecurity/
https://www.trimarcsecurity.com/
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Las Culturistas with Matt Rogers and Bowen Yang
Ding dong! Join your culture consultants, Matt Rogers and Bowen Yang, on an unforgettable journey into the beating heart of CULTURE. Alongside sizzling special guests, they GET INTO the hottest pop-culture moments of the day and the formative cultural experiences that turned them into Culturistas. Produced by the Big Money Players Network and iHeartRadio.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.