Blog

Filter by Product:

Filter by Product:

Lines of code up close.

For Good Measure: The Imperative of Reclaiming Metrics Terminology

by QOMPLX | a month ago

In this recent USENIX article, co-authors Dan Geer (Senior Fellow at In-Q-Tel and widely recognized security and risk expert) and Jason Crabtree (CEO and co-founder of QOMPLX), explain why it is essential that we reclaim metrics terminology in cyber security.

READ MORE

Lines of code up close.

Active Directory Security: Trust but Verify

by QOMPLX | 5 months ago

Jason Crabtree, QOMPLX CEO & Co-founder, explains in an interview with SecurityGuy TV why security and risk teams have to be able to dig into some of the fundamental assumptions for Kerberos Security and Active Directory Security. Here are a few key takeaways from the interview.

READ MORE

Lines of code up close.

AI-based Identity Analytics

by Guest Author | 5 months ago

Few security teams pay sufficient attention to their Kerberos infrastructure – often citing its protocol complexity, as well as its operational ownership by IT. Despite the variety of telemetry being collected to your SIEM, you might be missing juicy stuff inherent in Kerberos-related activity.

READ MORE

Lines of code up close.

Golden Ticket Attack on Active Directory Federated Services

by QOMPLX | 6 months ago

In an industry that is rapidly moving towards identity-centric security, ADFS became a popular solution for providing smooth workflows to employees. However, the reality is that identity-based attacks have evolved that pinpoint specific weaknesses within ADFS.

READ MORE

Lines of code up close.

Kerberos Fundamentals

by QOMPLX | 6 months ago

Recently developed and readily available tools have revealed a fundamental vulnerability in Kerberos’ inability to validate its own ticket exchanges.

READ MORE

Lines of code up close.

Honesty about Effective Cyber Risk Modeling for Insurance Companies

by QOMPLX | 6 months ago

As cybersecurity plays a larger and larger role in daily lives and the global economy, there is growing importance to accurately understand and price cyber-related risks. Doing this correctly, is an important part of engendering better behavior...

READ MORE

Lines of code up close.

The Importance of Lateral Movement Detection

by QOMPLX | a year ago

Many of the most devastating attacks today rely heavily on privilege escalation and undetected lateral movement to obtain incrementally greater access to resources and services. These techniques typically involve exploitation of known vulnerabilities in the Kerberos protocol...

READ MORE