Preview Mode Links will not work in preview mode

7 Minute Security

Sep 30, 2022

Today we're excited to kick off a new series all about blue team bliss - in other words, we're talking about pentest stories where the blue team controls kicked our butt a little bit! Topics include:

  • The ms-ds-machineaccount-quota value is not an "all or nothing" option! Check out Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Add workstations to domain.

  • We installed LAPS on Twitch last week and it went pretty well! We'll do it again in an upcoming livestream.

  • Defensive security tools that can interrupt the SharpHound collection!

  • EDRs are pretty awesome at catching bad stuff - and going into full "shields up" mode when they're irritated!