Security Guy TV: Threat Hunting with Scott Sutherland of NetSPI
On August 26, NetSPI’s Scott Sutherland was featured in episode 2732 of the Security Guy TV. You can read the summary below or watch the video online.
+++
- PowerHunt and PowerHuntShares are open-source tools useful for 1) people hunting for vulnerabilities in software or environments and 2) people looking for an active threat in an environment.
- PowerHuntShares looks for misconfigured network shares. It goes out to Active Directory, pulls down a full inventory of all the computers in the environment, and evaluates all of their shares to identify which ones are the highest risk.
- PowerHunt identifies existing threats in an environment or potential existing threats. It goes out to Active Directory and pulls down a list of all the computers in the environment. Then it uses PowerShell remoting to collect data from 25 different data sources to hunt for malicious activities.
- Ransomware threat actors share a lot of common behaviors: clearing security logs, using standard persistence methods, etc.
- Zero trust is a natural evolution of the Principle of Least Privilege.
- Open source is a great way to help people learn, grow, network, and collaborate. It helps generate awareness of issues – like the share problem – and acts as a leverage for companies to go and get budget for commercial tools that can do ongoing monitoring or identification of issues in the environment.
Explore More News
Proof Over Promises: A New Doctrine for Cybersecurity
As cyberattacks grow in frequency and sophistication, traditional assurances like contracts and certifications are no longer sufficient. Instead, vendors must actively demonstrate their security resilience through measurable and continuous validation, such as penetration testing. This proactive approach not only strengthens vendor-customer relationships but also mitigates risks in an increasingly interconnected and vulnerable digital landscape.
The Age of Promises is Over, Vendors Must Now Lead with Evidence-Based Assurances
In today’s evolving cyber threat landscape, traditional vendor assurances like contracts and periodic audits are no longer sufficient. Sam Kirkman emphasizes the need for vendors to shift from trust-based compliance to evidence-based security, where measurable and continuous validation replaces outdated promises.
NetSPI Redefines Pentesting with New User Experience
NetSPI, the global leader in modern penetration testing, today announced a new, modern user experience for the NetSPI platform, reimagining what penetration testing should feel like for today’s enterprise: focused, fast, and easy.