Today Active Directory Security is mission-critical to organizational security worldwide and thus mission-critical to Cyber Security worldwide. On this blog, former Microsoft Program Manager for Active Directory Security, and today, CEO of Paramount Defenses, shares valuable technical insights on Active Directory Security.

Friday, December 6, 2019

Its Time to Help Secure Active Directory Worldwide


I trust this finds you all doing well. It has been a few months since I last blogged - pardon the absence. I had to focus my energies on helping the world get some perspective, getting 007G ready for launch, and dealing with a certain nuisance.

Having successfully accomplished all three objectives, it is now finally TIME to help thousands of organizations worldwide adequately secure and defend their foundational Active Directory deployments from the proverbial SKYFALL(ing on them).

I'm BLOWN away by just how little organizations (as well as AD/cyber security companies) worldwide seem to know and understand not just the paramount importance of, but also what it takes to adequately ensure Active Directory Security.

When you know as much as I do, care as much as I do, and possess as much capability as I do, you not only shoulder a great responsibility, you almost have an obligation to educate the whole world about cyber security risks that threaten their security.

So, even though I barely have any time to do this anymore, in the interest of foundational cyber security worldwide, I'm going to start sharing some valuable perspectives again, and do so, on three blogs - this one, that one, and the one below.

Speaking of which, earlier this week, I had the PRIVILEGE to launch the official PD blog -

Stay tuned for high-value AD security insights right here from January 06, 2020 onwards,
and let me take your leave with a befitting (and one of my favorite) songs(s)  -

Best wishes,

PS: Just a month ago, the $ Billion Czech cyber security company Avast was substantially compromised, and guess what the perpetrators used to compromise them? They used the EXACT  means I had clearly warned about TWO years ago, right here.

Friday, February 1, 2019

Pardon the Delay


I trust this finds you doing well. The last time I blogged was on Nov 05, 2018, and I had said that it was time to help Microsoft and the world better understand Active Directory Security and that I would be sharing additional insights starting Nov 18, 2018.

Please pardon the delay - something important came up, and
today I'd like to share with you the reason for this delay...

One of the World's Most Powerful Defense Organizations Requested Our Assistance

Back in Nov 2018, just as I was about to start blogging that series, one of the most powerful defense organizations in the world reached out to us requesting our assistance in correctly identifying privileged users within their foundational Active Directory.

(You see, organizations that actually understand Active Directory Security know that there is ONLY one way to correctly identify privileged access in Active Directory. Organizations that don't yet know this simple fact still resort to acquiring and using what basically are petty but pretty looking Active Directory permissions analyzers (and there still are 1000s of such organizations.))

Whilst we were happy to assist them, due to certain operational constraints, it turned out that in order for us to help them, we would have to make some non-trivial changes to Gold Finger. This was very important for them so we went straight to work.

We put our entire development team to work, and we worked 60 days straight without taking a break; there were no Christmas holidays, no New Years holidays, no weekends. There was only work, and within 60 days we had made and thoroughly tested all the enhancements required for us to be able to assist this one particular organization, and as a result, 1000s of others.

As Gold Finger's architect, I too was substantially involved in the process, and as a leader, I too worked 60 days straight, and it is my privilege to share that earlier today we officially released Gold Finger version 6.5, complete with all the required changes.

Introducing Gold Finger 6.5

Earlier today, we announced the release of Gold Finger v6.5, featuring amongst other enhancements, support for Windows 10.

Here's the Press Release from this morning - Paramount Defenses Releases Gold Finger Version 6.5

Gold Finger v6.5

If you can touch a button, you can now instantly, automatically and accurately determine exactly who has what privileged access, where and how, in any Active Directory, and on any Microsoft Windows operating system, including Windows 10!

The free version of Gold Finger v6.5 is also available at -

With this little but important detour out of the way, you can expect me to get back to some blogging one of these days because Microsoft and thousands of its customers worldwide still seem to need of help understanding the very basics of Active Directory security i.e. without the ability to accurately determine effective permissions in Active Directory, you cannot secure a single object in Active Directory, and by corollary you can't accomplish a single Active Directory security related objective, and that includes all the latest buzzwords - Privileged Access Management, Privileged Account Discovery, Zero-Trust, Blah Blah, etc. etc.

So, thank you for pardoning the delay, and stay tuned!  

Any day now!

Best wishes,