[INTERACTIVE BLOG] Did you like Choose Your Own Adventure books as a kid? Are you fascinated by Red Team adversary tradecraft? Would you like stories inspired from the best defenders? Then come Choose Your Own Red Team Adventure!

Check out our blog series about what we have seen with an uptick in #identity attacks and how companies have managed to not notice bad guys stealing + logging in with their credentials. 👇

@cyb3rops Very thorough. Thanks for sharing.

@ImposeCost @ItsReallyNick 🙌

@ItsReallyNick @ImposeCost Ok, I’ll go back in my startup cave now. 😇😎

@ItsReallyNick @ImposeCost And SOC analysts at MSSPs are an even different breed. It’s often an even more difficult challenge. So, we wrote about that, too:

So much poetry. So much AI. 🙃

Check out this amazing detection approach! … Followed by: - something cherry picked - unrealistic data - theoretical - not scalable - requiring some third party tool - requiring a paid license for a data format or integration - done in Excel - noisy - too gray … ^ 90% of social posts about new detection approaches

^ copy/paste from LinkedIn, but I suspect this audience (YOU) are more aware of this problem. Are you seeing this trend, too?

@jamieantisocial @matthewdunwoody @ItsReallyNick In fact, that’s one reason why we built @wirespeed_ to actually NOT use SSO. We still sync the directory and know when people come/go, but we have a very intentional wall between us and the customer’s environment.

“What’s the right tool for the job?” “It depends.”

RT @wirespeed_: Do you want to talk about it?

RT @wirespeed_: The book we are metaphorically writing.

@anton_chuvakin We need to catch up. 😇😎

☎️☠️

@ITguySoCal Do you happen to know if these RiskState values are more robust in their logic? `userPassedMFADrivenByRiskBasedPolicy` `aiConfirmedSigninSafe`

This is a #redteam technique that I somehow completely missed, but would have loved to use with phishes (and other things). Check it out! Also, please give @wirespeed_ a follow to see more like this.