ABOUT
Trimarc: From Trimarcisia, “feat of three horsemen,” was an ancient Celtic military cavalry tactic where there was always a rider ready to mount the horse of a fallen soldier.
Trimarc was named based on this approach - even if the initial mitigation fails, there are additional defensive layers to back that up.
Trimarc is a professional services company based out of Washington, DC that helps organizations secure their Microsoft platform, both on-premises and in the cloud. Founded by Sean Metcalf, a Microsoft Certified Master in Active Directory, Trimarc's mission is to help organizations better secure their critical IT infrastructure.
We focus on a “reality-based security model” which targets attacker tactics and how to best stop them. Our methodology identifies security issues in an organization attackers could exploit to fully compromise the environment and provide custom recommendations to effectively mitigate these issues.
Trimarc works on continuously developing defensive strategies to combat evolving attack techniques. We focus on defensive layers within the enterprise – while any single defense may fail, there are others that compensate for this and provide additional detection and/or mitigation for that area.
Our "sales calls" don't include marketing slides or slick sales pitches; we just want to hear about your concerns and challenges. If what we do aligns with what you need, we can talk about scoping and next steps!
Trimarc in the Press
2023
Strategies for securing identities in Azure Active Directory with Sean Metcalf
2021
Cloud Backup and Cloud Storage Guide
https://news.yahoo.com/cloud-backup-cloud-storage-guide-100001772.html
6 vulnerabilities Microsoft hasn’t patched (or can’t)
https://cybersecdn.com/index.php/2021/08/11/6-vulnerabilities-microsoft-hasnt-patched-or-cant/
CISA Launches JCDC, the Joint Cyber Defense
https://www.infosec-magazine.com/cisa-launches-jcdc-the-joint-cyber-defense/
Black Hat: New CISA Head Woos Crowd With Public-Private Task Force
https://threatpost.com/cisa-head-woos-security-crowd/168426/
Reproducing the Microsoft Exchange Proxylogon Exploit Chain
https://www.praetorian.com/blog/reproducing-proxylogon-exploit/
2020
Top 7 Hybrid Active Directory Security Sessions You Must Attend at Microsoft Ignite
Hybrid cloud complexity, rush to adopt pose security risks, expert says
2019
How Cybercriminals Break into the Microsoft Cloud
https://www.darkreading.com/cloud/how-cybercriminals-break-into-the-microsoft-cloud
2018
Exploring, Exploiting Active Directory Admin Flaws
W32.COOZIE: DISCOVERING ORACLE CVE-2018-3253
https://www.trustedsec.com/blog/w32-coozie-discovering-oracle-cve-2018-3253/
2017
Advanced Techniques Attackers Use to Crack Passwords
https://resources.infosecinstitute.com/topic/advanced-techniques-attackers-use-crack-passwords/
2016
Respect: Windows 10 security impresses hackers
https://www.csoonline.com/article/3107239/respect-windows-10-security-impresses-hackers.html
Windows PowerShell 5.0 Expected To Add Improved Security
https://redmondmag.com/Articles/2016/02/24/PowerShell-Improved-Security.aspx
Improved Security Coming to Windows PowerShell 5.0
https://mcpmag.com/articles/2016/02/24/improved-security-powershell.aspx
22 tips for preventing ransomware attacks
https://www.itworldcanada.com/article/22-tips-for-preventing-ransomware-attacks/380246
IT not doing enough to secure Active Directory, says expert