The Elephant in the Room: Why Security Programs Fail
As a Principal with Praetorian, I’ve had the privilege of working with hundreds of clients, from fast-growth startups to Fortune 500 giants. As we’ve performed red team exercises simulating an advanced persistent threat against our clients, I’ve seen that (much) more often than not we are able to compromise their “crown jewels.” In several […]
A simple and effective way to detect Broadcast Name Resolution Poisoning (BNRP)
A natural question that arises after an organization experiences a BNRP attack is “How can this be prevented?” The answer is simple on paper. To completely mitigate the risk, legacy Broadcast Name Resolution protocols should be disabled by policy. This is easier said than done, especially on large networks where the necessary data flows of […]
Alibaba Cloud Cross Account Trust: The Confused Deputy Problem
In this second blog post in our series on cross-account trust, we explore Alibaba Cloud and the security implications of their trust model.
Google Cloud Platform (GCP) Service Account-based Privilege Escalation paths
This article examines a Google Cloud Platform (GCP) risk scenario, in which a malicious user can use their privileges in a compromised service to further escalate their privileges.
NIST Cybersecurity Framework Vignettes: Broadcast Name Resolution Poisoning
Our NIST Cybersecurity Framework Vignettes series focuses on the best applications of NIST CSF for your organization. This article addresses the tactic of Broadcast Name Resolution Poisoning.
NIST Cybersecurity Framework Vignettes: Phishing
This article examines the application of the NIST Cybersecurity Framework for addressing phishing concerns.
Attacking and Defending OAuth 2.0 (Part 1 of 2: Introduction, Threats, and Best Practices)
First of a two-part series discussing OAuth 2.0 from the perspective of a security engineer in both an offensive and defensive role.
Active Directory Computer Account SMB Relaying Attack
This article outlines a unique Active Directory attack vector that arises when a computer account has administrative access to another computer.
Cloud Security and Architecture: The 8 Pillars
Praetorian has created an 8-pillar framework to simplify the assessment of multi-cloud environments across a broad client base. Together with proven methodologies for enterprise and product security, the framework provides a holistic approach to securing organizations from chip to cloud.
AWS IAM Assume Role Vulnerabilities Found in Many Top Vendors
Research by Praetorian has uncovered a common misconfiguration in the Amazon Web Services Identity and Access Management Assume Role process. This post outlines the issue and how it can be mitigated.