logo

Kevin Joyce

Director of Product Management at Netwrix. Kevin has a passion for cyber security, specifically understanding the tactics and techniques attackers use to exploit organizations environments. With eight years of experience in product management, focusing on Active Directory and Windows security, he’s taken that passion to help build solutions for organizations to help protect their identities, infrastructure and data.
Identity
July 8, 2024

How to Backup Active Directory: A Step-by-Step Guide

Microsoft Active Directory (AD) is the primary authentication service used by a majority of organizations worldwide (roughly 90 percent). It stores critical business information on domain...
Cybersecurity
June 25, 2024

SMBv3 Vulnerabilities Explained

Workplaces have evolved. While hybrid and remote work existed before COVID-19, these working arrangements became even more prevalent during and after the pandemic. Today, workplaces offer the...
Identity
May 20, 2023

RID Hijacking: How Guests Become Admins

RID hijacking is a persistence technique used by adversaries who have compromised a Windows machine. In a nutshell, attackers use the RID (relative identifier) of the local Administrator account to...
Identity
April 28, 2023

Active Directory Security Groups vs Distribution Groups

Using groups is a best practice for Active Directory management. This article describes the two types of Active Directory groups — security groups and distribution groups — and offers guidance...
Cybersecurity
April 14, 2023

What Is Zerologon and How Do You Mitigate It?

Commonly referred to as Zerologon, CVE-2020-1472 is the Common Vulnerabilities and Exposures (CVE) identifier assigned to a vulnerability in Microsoft's Netlogon Remote Protocol (MS-NRPC). MS-NRPC...
Infrastructure
December 2, 2022

PUBLIC Role in Oracle

Roles make it easier to grant and revoke privileges for users of a relational database. Rather than managing privileges for each user individually, you manage privileges for each role and all...
Cybersecurity
November 29, 2022

Commando VM: An Introduction

What is Commando VM? Commando VM is a testing platform that Mandiant FireEye created for penetration testers who are more comfortable with the Windows operating system. Essentially, Commando VM is...
Identity
November 14, 2022

Active Directory Delegation Overview

Understanding Active Directory (AD) permissions is vital for cybersecurity, compliance and business continuity. In this blog, we’ll be going over, at a high level, how Active Directory permission...
Identity
October 13, 2022

Securing Your Group Managed Service Accounts

Group Managed Service Accounts Overview The traditional practice of using regular user accounts as service accounts puts the burden of password management on users. As a result, the account...
Identity
October 11, 2022

WDigest Clear-Text Passwords: Stealing More than a Hash

What is WDigest? Digest Authentication is a challenge/response protocol that was primarily used in Windows Server 2003 for LDAP and web-based authentication. It utilizes Hypertext Transfer...
Show more articles