Back to Newsletter Archive

Having trouble seeing this email. View it online.
Sword & Shield - Intelligent Security
Security Solutions for Peace of MindJuly 2015
Security's New Architecture
Security Has a New Architecture and It's More Than Protecting Your Perimeter
In the 1990s, protecting the perimeter and limiting employee access pretty much summed up how most businesses secured their network.

But, today, the introduction of mobile devices, Bring-Your-Own-Devices (BYOD) and cloud services means that only protecting the perimeter will not keep your intellectual property and key assets secure.

Are you and your security team rethinking your reliance on traditional firewalls and anti-virus measures? If not, you should be.

Securing your mobile devices should be at or near the top of your security needs. Employees expect access to company resources in order to perform their jobs better – their personal or company-issued mobile devices must be secure in order to protect your corporate data.

A mobile device is a computer and should be secure and compliant like a desktop computer.

The future of cybersecurity is virtualized. Businesses are moving threat detection and management to the cloud to achieve greater automation and to tailor their security to their specific business model.

Finally, as cyber threats continue to grow, more companies find that participating with a security partner helps them stay on top of emerging threats and changing compliance goals.

A Managed Security Services Provider (MSSP) is designed to address both security and compliance issues, including storage of log data, monitoring systems for security events and periodic scanning of systems for security vulnerabilities.

Security has a new architecture, and it involves so much more than putting up high walls and digging wider moats.

Contact us at (865) 244-3500 or secureme@swordshield.com to discuss how we can help secure your future.
Getting Hashes from NTDS.dit Files
Having completed many internal penetration tests for clients, I always want to collect the NTDS.dit file from a domain controller, if I get access. The primary reason I want to pull this file from a Windows Domain Controller is because I want a password for another account (to access the data I really want). Generally I want to access a MSSQL Database or some application where the Domain Admins do not have access, but other domain users have access.Some people might ask why I would not just change the password for the account that I was after — since I was the Domain Administrator. Changing passwords on accounts could alert users or administrators that something is happening.

This post is written with expectation that the person reading it has some technical knowledge of Windows systems, and processes involved with using and installing software.

See More
Alien Vault Certified Systems Engineer Training
Register for our Aug. 17-21 Alien Vault Certified Systems Engineer training held at our Knoxville office or online.

Operators with their ACSE certificate are highly valuable to government, MSSP and Enterprise employers around the world. With an ACSE on staff, Alien Vault customers will experience greater return on investment, better security and more efficient operational control.

Register Here