by Mike Saunders | Jan 6, 2021 | Blog Posts
I recently performed an assumed breach test against what I would consider an Apex Defender organization. The security team is smart, well-funded, extremely capable, and resourceful. The team has both hardened systems and instrumented great logging and monitoring....
by Mike Saunders | Mar 24, 2020 | Blog Posts
A common tactic used by pen testers, “red teams”, and threat actors is searching for Group Policy Preference (GPP) files with usernames and passwords. These XML files, stored in the domain SYSVOL, are used to create local administrator accounts, map...