GYTPOL's Blog

Managing configurations, patching, and updating system controls is one of the most notably difficult things that any CISO has to deal with. Yet it is also among the most critical, as systems...

Most often I have found that the issue of addressing the problem is more pressing than simply identifying the threat. We have a massive, multi billion dollar, industry dedicated solely to “s...

It starts with good intentions — a temporary TLS downgrade for a legacy app, a local admin account to solve a quick issue, or a service account exempted from MFA to speed up automation. Seem...

Do threats against your Active Directory keep you up at night? Honestly, they should. Active Directory is critical as it controls access to your systems and data.

Albert Einstein once said, “If I were given one hour to save the planet, I would spend 59 minutes defining the problem and one minute resolving it.”

Odds are you have heard the wisdom that a defense is only as good as its weakest point. Which makes sense. After all, any strong defensive posture can only hold up if there are no fail point...

In the modern Microsoft environment, NTLM (“NT Lan Manager”) is a security threat you should keep an eye on. Especially when it’s about the cloud environment, Microsoft warns you to deny it ...

Attacks are becoming more sophisticated, hackers are becoming smarter, and so should be the defenders. The attacker eyeing your organization is looking for the misconfiguration that will let...

In my previous article I wrote about the importance of monitoring all endpoints in the organization for the existence of cached credentials. In this post, I'm going to explain what you can d...

When hackers are successful in accessing user credentials, they can access the resources of an organization and cause a lot of damage as they move laterally. This normally goes unnoticed as ...