-
Attackers think in graphs (
@JohnLaTwC) and have tools for that (#BloodHound by@harmj0y,@_wald0,@CptJesus) Now the defenders can, too! Kudos to my former colleagues in#MicrosoftATA for releasing it. https://docs.microsoft.com/en-us/advanced-threat-analytics/use-case-lateral-movement-path …pic.twitter.com/qf5Cncaql7
-
If you are in the process of considering
#MicrosoftATA you should also take into consideration#AzureATP - https://www.youtube.com/watch?v=KX-xpFc0sBw … - Basically you can get away with only installing sensors on on-premise DC's and let the MS cloud be your Center server.#Awesome -
#AzureATP Sensor and#MicrosoftATA Gateway on the same domain controller. Amazing performance improvement by@i3arnon's team.pic.twitter.com/9iufxExLME
-
#PowerShell Module simplifies interfacing with#MicrosoftATA Center from CLI github: https://github.com/Microsoft/Advanced-Threat-Analytics … …@mike_kassispic.twitter.com/wvAfyNeyI7
-
High level summary now published to understand alerts & detections for suspicious activities w/
#MicrosoftATA https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide … -
In a mtg w/ a CISO today "Why haven't we deployed
#MicrosoftATA yet when we have licenses?
Pls send an email to the team NOW with 'WTF??'"
-
Check to make sure DCs are collecting events needed by
#microsoftATA with this script https://blogs.technet.microsoft.com/positivesecurity/2017/08/18/ata-auditing-auditpol-advanced-audit-settings-enforcement-lightweight-gateway-service-discovery/ …@ciberesponce#security -
[Blog] Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts & Microsoft's response.
#MicrosoftATA http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day5.html … -
[Blog] Week of Evading Microsoft ATA - Day 4 - Silver ticket, Kerberoast and SQL Servers
#MicrosoftATA#RedTeam http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day4.html … -
#MicrosoftATA 1.8 is officially out! Read all about it at https://blogs.technet.microsoft.com/enterprisemobility/2017/07/26/introducing-microsoft-advanced-threat-analytics-v1-8/ … -
how fast would you notice a new domain controller
#MicrosoftATA with a little help from powershell from@LazyWinAdm http://flemmingriis.com/count-your-domain-controllers-often-and-always/ … -
Great stuff! A relevant talk from last
#BlueHat at https://m.youtube.com/watch?v=HE7X7l-k-A4 … Working on it#microsoftATA@simakov_marinahttps://twitter.com/porterhau5/status/846437254675488769 …
-
You can't fix what you can't see. If you use AD, you should really be looking at
#MicrosoftATA https://twitter.com/hhainsworth/status/807643087627399168 …
-
One weird trick by
@ItaiGrady of the#MicrosoftATA team to break a common enumeration method https://gallery.technet.microsoft.com/Net-Cease-Blocking-Net-1e8dcb5b …pic.twitter.com/xcePpyZaJO
-
If you hunt for compromised accounts or intrusions, check out
@TalBeerySec's tweets on the#MicrosoftATA release. https://twitter.com/TalBeerySec/status/771079477183021058 … -
Use
#MicrosoftATA or write an IDS rule based on the#MS14068 exploit traffic. https://adsecurity.org/?p=763 https://twitter.com/TalBeerySec/status/747565789243379713 …
-
My "Protecting browsers’ secrets in a domain environment" talk
@BsidesTLV#Mimikatz#MicrosoftATA http://www.slideshare.net/ItaiGrady/protecting-browsers-secrets-in-adomainenvironment … via@SlideShare
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.