Domain of Thrones: Part II


Written by Nico Shyne & Josh Prager

Introduction Part II

In the first installment of “Domain of Thrones,” we meticulously explored an array of six distinctive domain persistence techniques: Credential Theft on the Domain Controller (DC), NTDS Access, DCSync, Golden Ticket, Diamond Ticket, Active Directory Certificate Services (AD CS).

These adversarial methods facilitate an elevated level of access to the targeted domains, ...
Prioritization of the Detection Engineering Backlog


Written by Joshua Prager and Emily Leidy

Introduction

Strategically maturing a detection engineering function requires us to divide the overall function into smaller discrete problems. One such seemingly innocuous area of detection engineering is the technique backlog (a.k.a. the detection engineering backlog, attack technique backlog, or detection backlog).

The concept of incorporating a backlog ...

Secure Guardrails