/Daniel Sheridan

About Daniel Sheridan

This author has not yet filled in any details.
So far Daniel Sheridan has created 2 blog entries.

Penetration Testing – What kind should you get


What’s in a Penetration Test? Penetration testing has become a standard requirement for the majority of our clients, and there are myriad factors that go into a successful penetration testing engagement for both the client and the evaluator.  Let’s take a look at what commonly comprises a penetration test, and the related testing actions that are performed. External Penetration Testing This is generally the type of test people think of when they hear about a Penetration Test.  An External Penetration Test is a simulated cyber-attack launched against the target institution and may include both technical and social engineering methods.  The [...]

Penetration Testing – What kind should you get2019-04-03T20:22:00+00:00

50 Shades of Administration – Managing Domain Admin Privileges


50 Shades of Administration During our work, both our auditors and engineers have noticed a common issue our clients large and small have – overly permissive administration accounts.  Many times, we see all IT users given a Domain Admin account, from the greenest helpdesk tech, to the person overseeing the network.  Microsoft’s Active Directory has a couple of different ways to grant rights to a user, group, or organizational unit, allowing the target the ability to perform certain tasks without giving them the keys to the kingdom.  Here are just a couple simple examples. In the Springfield.local domain, Lisa Simpson [...]

50 Shades of Administration – Managing Domain Admin Privileges2019-07-12T15:18:33+00:00