Today Cyber Security plays a paramount role in global security. On this blog, the CEO of Paramount Defenses shares rare insights on issues related to Cyber Security, including Privileged Access, Organizational Cyber Security, Foundational Security, Windows Security, Active Directory Security, Insider Threats and other topics.


July 22, 2016

Clarity for Self-Proclaimed Cyber Security Experts who Chirp on Twitter

Folks,

When someone doesn't know or understand something, often their first reaction is to make fun of it. Sadly, these days, to their own detriment, they do so publicly on social media. Little do they realize that everything they utter can be seen by the whole world, and by sharing their ignorance on social media with the world, they show the whole world how little they actually know.


For example, consider this individual. Perhaps he knows just enough English to see our homepage, but not to be able to go beyond it, to say this one, or this one, so he publicly and slightingly wonders who we are and asks if anyone's heard of us. I wonder if it might have ever occurred to this individual that perhaps our low profile until now may have been by intent. For this individual, and anyone else on Twitter etc., if you want to know who we are, please call Scott Charney at Microsoft.



One of Many Examples

Or for example, this individual, who said regarding Active Directory Privilege Escalation - "That's it? Make sure your delegation is tight and...no big deal."
 
Wow. Great advice! Since you make it sound so simple, now why don't you (i.e. this individual) also tell them (i.e. the world) HOW to do so i.e. how to tighten their delegation(s) in their Active Directory domains easily comprised of 1000s of objects?!

You see, this individual likely has no idea HOW to actually do so. If he did, he'd know just how extremely difficult it is to do so, and I doubt he would've said - "no big deal!" In fact, I wonder if he even knows that because it is so difficult to do so, hardly any organization in the world (including his past employers, or Microsoft for that matter) may have ever actually accurately done it?

So let me give him, his friends, and the whole world a hint - the very first thing you need to do to tighten your delegation(s) is to assess your current delegations across Active Directory, and to do so you need to be able to determine effective privileged access across the entire Active Directory domain, i.e. on thousands of objects in Active Directory, accurately.

Even the $450 Billion Microsoft Corporation may not know how to do this. But for this individual, it's "no big deal."

If he knew this, I'm not sure he might have publicly said - "no big deal!"

In fact, if he, or anyone in the world, can accurately determine effective permissions / effective access across an Active Directory domain, please go ahead, show us and the entire world how you would do so. Please. Be my guest. I insist!



Unequivocal Clarity

For anyone on Twitter who wishes to slight us without substance, let's just make this really simple for you once and for all.

Please know that if you slight us, and there's no substance to it, we too MAY share your ignorance with the WHOLE world.

By the way, if you haven't heard about us yet, it's only because for the longest time, we kept a low profile. Please know that in the last 10 years, 10,000+ organizations from 150+ countries have knocked at our doors, unsolicited, and know who we are. Today our reach is global, and in minutes, we too can have 1000s of folks across 150+ countries learn about your ignorance.

So, to the 1% who may do so, if there's no substance, please don't embarrass yourself by making childish comments. (It's a free world and you're welcome to, but know that the whole world's watching, and they'll know just how much (or little) you know.)

Talk is cheap, actions are not.

Best wishes,
Sanjay


PS: It would be refreshing to actually see someone say something intelligent on the subject. Unfortunately, I've only heard noise. No matter how much, noise is just noise. My time is valuable so I'll tune back in when I've heard something intelligent. Perhaps it's time to stop talking for a bit and start reading.