Today Cyber Security plays a paramount role in global security. On this blog, the CEO of Paramount Defenses shares rare insights on issues related to Cyber Security, including Privileged Access, Organizational Cyber Security, Foundational Security, Windows Security, Active Directory Security, Insider Threats and other topics.

November 22, 2012

Cyber-Security - Anonymous Cyberwar on Israel Seemed Simplistic and Israel's Claim of 44 Million Cyber-Attacks Seemed Overstated


Cyber-security, cyber-war and cyber-attacks all seem to be making headlines these days, especially in light of the hacker collective Anonymous publicly declaring 'cyberwar' on Israel, and Israel claiming that it has been hit with 44 million cyber attacks in the last week.

It seems that Cyber-<anything-to-do-with-IT-security> is getting a lot of importance these days with the likes of Richard A Clarke writing books on Cyber-War, governments setting up special Cyber-Security commands to combat it, security vendors you've never heard of, jumping on the band-wagon, and of course the media making a huge deal out of it without, in my humble opinion, truly understanding the difference between a simple cyber-attack and a sophisticated enterprise-security attack.

While cyber-security is very important, and should be taken seriously, it is imperative to understand the vast difference between simplistic cyber-attacks and sophisticated enterprise-security attacks.

As former Microsoft Program Manager for Active Directory Security, I thought I'd take just a few minutes to share a few thoughts in this regard with you, because undue attention on simplistic cyber attacks may distract organizations from protecting themselves from sophisticated enterprise-security attacks that could be far more damaging than basic cyber attacks.

[ For those of you who may not know this, from the United States Government to the Fortune 1000, at the very foundation of security of over 85% of all organizations worldwide, lies Microsoft's Active Directory technology. ]

Anonymous Cyberwar on Israel Seemed Simplistic and Israel's Claim of 44 Million Cyber-Attacks Seemed Overstated

The short of it is that Anonymous's 'Cyberwar' on Israel seemed rather simplistic, and Israel's claims of 44 Million Cyber-Attacks seemed over-stated, and that most organizations worldwide are in fact inadequately prepared to face and combat real, sophisticated enterprise-security threats.

In order to substantiate the claim, I'd like to humbly point out the difference between simplistic Cyber-Attacks and sophisticated Enterprise-Security Attacks, because this difference is rather important to understand, to comprehend just how much damage a real enterprise-security attack could inflict.

(Simplistic) Cyber-Attacks vs. (Sophisticated) Enterprise-Security Attacks

You might ask - "Aren't enterprise-security attacks the same as cyber-attacks?" Aren't they the stuff we all hear about in the news almost on a weekly basis, when the media sheds light on some organization being "hacked"? You might also say, "Isn’t this what Israel’s finance minister Yuval Steinitz was referring to" when he said that Israel has successfully deflected 44 million cyber-attacks on government websites.

The answer is NO. (At least not exactly.)

Although one could technically cover enterprise-security attacks under the umbrella of cyber attacks, there is a substantial difference between simple cyber-attacks and sophisticated enterprise-security attacks.

Much of the world populace hasn’t really heard about a sophisticated enterprise-security attack, or its impact, other than STUXNET I suppose, because a largely ignorant media has portrayed simplistic cyber-attacks as the main / predominant IT security threat. The reality however is that a targeted enterprise-security attack could inflict far more serious damage than a simple cyber-attack.

(Simple) Cyber Attacks

Cyber-attacks, generally, are attacks targeted at organizational websites accessible on the Internet and for the most part, try to exploit inherent design deficiencies in TCP/IP, the protocol upon which the Internet runs. 

For instance, the most common form of a cyber-attack involves sending a large number of requests to an organization’s website (SYN flood) resulting in a situation wherein the site’s legitimate users are then unable to access the website, because its resources are being consumed servicing incoming requests from computers being used to carry out the attack.

This is a very basic form of a DOS attack that could possibly even be launched by amateurs with just a little know-how, and often be enacted using automated programs, from virtually anywhere in the world. A variation of this attack involving the use of bots involves using a large number of hijacked computers from all around the world to attack the same website, and the attack then becomes a DDOS attack, the first D standing for Distributed. 

At worst, with such an attack you could bring down an organization’s website for a few minutes, but other than some downtime for a website, there’s not much real damage that they could cause. In all likelihood, this may very well have been what Israel's Finance Minister was referring to when he said that a single website was down for about 10 minutes, and then brought back up online.

Most such attacks are mere annoyances, and easy to carry out.

I suspect that the attacks alluded to by the Israeli Finance Minister are mostly of this kind and that 44 million is merely a count of the TCP SYN requests received by the Israeli government's web servers. I also suspect that these are the same kinds of attacks Anonymous is referring to in their claims to wage cyber-war against Israel.

While many organizations have Internet-facing websites, whether designed to share information, or enable electronic commerce, the actual corporate networks of most organizations are largely disconnected from their websites (at least to some extent) or to be more specific, from the infrastructure that supports the Internet-facing websites, which is usually placed in DMZs.

A majority of all "cyber-attacks" launched online are merely basic DOS/DDOS attacks trying to make websites unavailable. A small number of attacks involve successfully penetrating the infrastructure within the DMZ and could result in the compromise of any information stored in the databases in the DMZ, such as databases that facilitate the organization’s ecommerce offering, and result in the compromise of information such as credit-card numbers, and other such information stored in these databases. In comparison, relatively speaking, only a few attacks actually involve a successful penetration of the DMZ and a successful penetration of corporate networks via the DMZ.

In other cases, a cyber-attack might involve a malicious entity defacing a company’s website’s homepage and claiming that they “hacked” the organization, but in fact, all they did was go a little beyond a DOS attack in being able to gain modify access to the organization’s external-facing web-server. In addition to the embarrassment caused to the organization, I suppose the only other thing accomplished here is a temporary boost to the ego of whoever carried out the attack, and bragging rights for a few hours.

Then you've got the free email (e.g. Gmail, Yahoo, Hotmail etc.), Facebook, Twitter account hacking, but that's so relatively easy and inconsequential that it's almost not even worth mentioning. Why? To begin with, if you're trusting anything in the hands of a free service offered to millions/billions, realistically, you'd have to be really naive to expect that any of that information you upload to it, or communicate via it, would be completely secure at all times. (At any point, any one of thousands of IT personnel responsible for operating that service could possibly obtain access to your information, plus, a variety of ways designed to help you regain access to your account could be (mis-)used by any one of billions of people to compromise your account.) That's kid-stuff, so I'm not even going to touch upon it.

(Sophisticated) Enterprise-Security Attacks

Now, contrast such attacks to an attack specifically targeted to take out an organization’s IT infrastructure.
Such an attack would involve a digital payload designed by a specialist to compromise one or more critical IT components of an organization's IT infrastructure, such as its IT security infrastructure.

For example, imagine if a payload were written to take out the very foundational systems within an organization's IT infrastructure that provide the means to authenticate an organization’s users and/or that provide the means to authorize secure access to the entirety of the organization's IT assets.

The impact of the compromise of the very systems that provide authentication and authorization services to the entirety of an organization’s IT assets, is that it would instantly expose the entirety of the organization’s IT assets to the risk of compromise.

For instance, if a malicious entity were to build, deliver and have executed a payload to successfully take over an organization’s IT security infrastructure components (e.g. Kerberos KDCs, Active Directory etc.) virtually all of the organization's IT assets, such as its IP, R&D data, financials, customer information, strategic plans etc could all be instantly vulnerable to compromise.

Now, an IT security practitioner might say that this is the reason we have layered security and that we deploy multiple layers of security above the platform. Well, the thing is that any layer of security that has a software component is running on the system too, and thus still relies on the system for its own trustworthiness.

For instance, anti-virus protection runs as a service on a computer. If you are an admin, you control the computer's system, and by virtue of that you can disable the anti-virus service on the system. By the same token, software running as system has complete control over the system, and thus over any applications/services running on that system. (It's called the Trusted Computing Base (TCB) of that system.)

So, if an attacker could successfully compromise the system itself, he/she would then in effect be the system and if you are the system, you, in all likelihood, can now circumvent virtually every other additional control deployed on top of the system to protect the organization’s IT assets.

An enterprise-security attack also often involves just one payload and a well-crafted payload only needs to be run once on a corporate computer, and there are numerous ways to get one payload to run once on any one computer within the organization.

This is why enterprise-security attacks also do not require that an organization's IT infrastructure necessarily be connected to the Internet, because payloads can be delivered in various forms, ranging from the use of social engineering to have an insider download and execute some code, to the use of legitimate fulfillment of IT needs, such as the delivery of a malicious payload disguised as an unsigned printer driver delivered as a software upgrade.

All in all, a targeted enterprise-security attack designed and carried out to take out critical components of an organization's IT infrastructure can have far greater impact than any cyber-attack designed to temporarily bring down, deface or break into an organization's customer-facing website.

Enterprise-security attacks are usually designed to target and take out critical components of the internal IT infrastructures of organizations, not the organization's pretty-looking external-facing websites placed in DMZs.
It is such attacks that I am referring to as enterprise-security attacks.

Substantiating the Claim

In light of the above, I should perhaps substantiate my claim that Anonymous's 'Cyberwar' on Israel seemed simplistic, and Israel's claims of 44 Million cyber-attacks seemed over-stated.

If you read what the media has to report, it is virtually apparent that most of the cyber-attacks that were launched against Israel were mere DOS/DDOS attacks targeted at company websites.

As I indicated above, a majority of these attacks would have at most caused a denial-of-service (DOS) when legitimate users would try to browse the websites of the Israeli government organizations, and a minority may have been successful in getting modify access to the root web directory, thus defacing the website. In some cases, in order to bring the website back up online, the admins might have to reboot the systems and that could take a few minutes, so it's quite possible that a few websites may have been down for a few minutes.

So, it doesn't seem like Anonymous was carrying out sophisticated attacks aimed at compromising the government's core IT infrastructures, which as I indicated earlier, may not even be directly connected to the Internet, or even so, they might be a few (router) hops out with intrusion-detection systems in place.

Anonymous certainly seems to have a lot of fervor but does not seem to have much in the way of the advanced technical sophistication required to enact a serious enterprise-security threat, at least just yet.

For instance, while they may be very good at good old fashioned network security attacks (i.e. exploiting inherent limitations of TCP/IP, carrying out DDOS attacks, engaging in password guessing/brute-forcing etc.), which are an archaic science today, they don't appear to be very good at systems security (attacking Kerberos, engaging in Active Directory Privilege Escalation etc.) yet. Based on what we've seen thus far as a part of their latest performance in waging 'Cyberwar' against Israel, their capabilities seemed rather simplistic.

As for suggesting that Israel's Claim of 44 Million Cyber-Attacks seemed over-stated / mis-represented, well, in light of the nature of attacks that are believed to have been carried out, it appears that the actual number of attack attempts may have been in the 1000s and that 44 million may be the number of TCP SYN packets that the entirety of their government's web servers may have received as a part of these attacks. Alternatively, 44 million may have been the number of computers used as bots to launch these attacks.

So, in all likelihood, it's not that there may have been 44 million attacks, but that there may have been 44 million TCP SYN packets received during the course of these few days on their web servers, or that 44 million Internet-connected machines were used (largely remote-controlled) to launch these attacks.
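To make the distinction between packets, machines and attacks concrete, here is an added example (not part of the original post) that tallies the same constructed web-server log three ways. The log format, the 60-second gap and the 100-SYN threshold are assumptions chosen for the illustration.

```python
from collections import defaultdict


def build_sample():
    """Constructed log lines: '<epoch> <src>:<sport> > <dst>:<dport> <flag>'.
    S = client SYN, A = client ACK completing the handshake.
    All addresses are documentation ranges; nothing here is real traffic."""
    lines = []
    for i in range(300):  # flood 1: 30 bots against web server A
        lines.append(f"{1000 + i * 0.1:.2f} 203.0.113.{i % 30 + 1}:{40000 + i} > 198.51.100.10:80 S")
    for i in range(200):  # flood 2: same target ten minutes later, 20 of the same bots
        lines.append(f"{1600 + i * 0.1:.2f} 203.0.113.{i % 20 + 1}:{50000 + i} > 198.51.100.10:80 S")
    for i in range(250):  # flood 3: 25 of the same bots against web server B
        lines.append(f"{1000 + i * 0.1:.2f} 203.0.113.{i % 25 + 1}:{45000 + i} > 198.51.100.20:443 S")
    for i in range(5):    # legitimate visitors: the SYN is followed by an ACK
        lines.append(f"{1100 + i:.2f} 192.0.2.{i + 1}:33000 > 198.51.100.10:80 S")
        lines.append(f"{1100 + i + 0.05:.2f} 192.0.2.{i + 1}:33000 > 198.51.100.10:80 A")
    lines.append("5000.00 192.0.2.99:51000 > 198.51.100.20:443 S")  # lone unanswered SYN
    return lines


def parse(line):
    ts, src, _, dst, flag = line.split()
    src_ip, sport = src.rsplit(":", 1)
    return float(ts), src_ip, int(sport), dst, flag


def analyze(lines, gap=60.0, min_syns=100):
    """Count raw SYN packets, half-open connections, flood episodes and bots.

    A flood episode is a run of half-open SYNs against one target in which
    consecutive packets are at most `gap` seconds apart and which contains
    at least `min_syns` packets (both thresholds are illustrative)."""
    pending = {}          # (src_ip, sport, dst) -> time of the unanswered SYN
    syn_packets = 0
    for ts, src_ip, sport, dst, flag in sorted(parse(l) for l in lines):
        key = (src_ip, sport, dst)
        if flag == "S":
            syn_packets += 1
            pending[key] = ts
        elif flag == "A":
            pending.pop(key, None)   # handshake completed: not half-open

    by_target = defaultdict(list)
    for (src_ip, _sport, dst), ts in pending.items():
        by_target[dst].append((ts, src_ip))

    episodes, flood_sources = [], set()
    for dst, hits in by_target.items():
        hits.sort()
        run = [hits[0]]
        for hit in hits[1:] + [None]:        # None flushes the final run
            if hit is not None and hit[0] - run[-1][0] <= gap:
                run.append(hit)
                continue
            if len(run) >= min_syns:         # small runs are noise, not floods
                episodes.append((dst, run[0][0], run[-1][0], len(run)))
                flood_sources.update(ip for _, ip in run)
            run = [hit]

    return {
        "syn_packets": syn_packets,
        "half_open": len(pending),
        "episodes": sorted(episodes, key=lambda e: (e[1], e[0])),
        "flood_sources": len(flood_sources),
    }


if __name__ == "__main__":
    result = analyze(build_sample())
    print("SYN packets received :", result["syn_packets"])
    print("half-open connections:", result["half_open"])
    print("distinct bot sources :", result["flood_sources"])
    print("flood episodes       :", len(result["episodes"]))
    for dst, start, end, count in result["episodes"]:
        print(f"  {dst}  {start:.0f}-{end:.0f}s  {count} SYNs")
```

The same traffic yields three very different headline numbers depending on whether one reports packets, sources or episodes, which is why a published attack count is only meaningful alongside its unit.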

Israel's finance minister said that they are "reaping the fruits on the investment in recent years in the development of computerized defense systems." I suppose they've invested heavily in trying to protect their systems from cyber-attacks aimed at their public websites and the protection of their DMZs.

However, I wonder if they're adequately protected when it comes to protecting critical components of their internal IT infrastructures (e.g. their Active Directory deployments) equally rigorously. Perhaps that's what the finance minister may have been alluding to when he added that "but we have a lot of work in store for us" in a written statement.

All said and done, while the emphasis and importance given to Cyber-Security is good, it would also be helpful if folks actually understood the difference between simple Cyber-Security attacks and sophisticated Enterprise-Security attacks.

In fairness to them, I suppose they might claim that they include Enterprise-Security when talking about Cyber-Security, and if they do, then I must say that, in the interest of public service, they need to communicate the vast difference between attacks on organizations' websites and attacks on organizational IT infrastructures.

In Conclusion

Imagine a vast land with many fortresses.

Then imagine a little tent in front of each fortress designed to greet visitors to inform them about their fortress, provide helpful information, and possibly sell a few souvenirs.

Now imagine someone trying to shut down the tent, or change the poster that shows the fortress's name on top of the tent, or take the tent down. Doing either or all of the above would not materially impact the fortress a bit.

That is essentially your average simplistic cyber-security threat.

Then, fast forward to the use of advanced attack-vectors, and imagine James Bond skydiving into the fortress at night, then using electro-magnetic radiation to disable all the metal locks on all the doors within the fortress and possibly to the fortress itself, making room for an army to invade the fortress overnight.

That is essentially your average sophisticated enterprise-security threat.

So, you see, there is a vast difference between taking the tent-out and taking the fortress out.

Best wishes,

PS: I apologize if this wasn't written perfectly. I only had 15 minutes to put this together, given the sheer lack of time, given my responsibilities at Paramount Defenses. I trust that you'll get the drift.

November 13, 2012

Providing Thought Leadership in the Global Enterprise Security & Active Directory Security Space Across 100+ Countries Worldwide


Today, enterprise security plays a vital role in global security, because in today's digital world, from governments to business institutions, organizations are essentially digital fortresses, and it is enterprise security that enables secure access, both within and amongst these digital fortresses.

Today, there are also 1000+ vendors in the enterprise security space that offer a variety of security solutions ranging from anti-virus protection to biometric authentication, because there are numerous components to enterprise security, such as network security, endpoint-protection, two-factor authentication, mobile device security, secure data storage, secure VPN, identity management, access management, regulatory compliance, and so on.

However, NONE of them are remotely as important as the protection of the very foundation of enterprise security itself, because if the very foundation of security is compromised, ALL of these instantly become virtually useless.

Active Directory is the Foundation of Enterprise Security Worldwide

Today, at the very foundation of enterprise security in over 85% of these digital fortresses lies Microsoft's Active Directory technology, the bed-rock of the 3As of security, Authentication, Authorization and Auditing, which together enable and facilitate least-privileged access to organizational IT assets/resources.

Thus, the security of the Active Directory itself is of paramount importance, because the compromise of an organization's foundational Active Directory deployment would be tantamount to the compromise of its very foundation of security, and when the foundation of security is compromised, every IT asset protected by the foundation is in jeopardy of being compromised.

Providing Thought Leadership in the Global Active Directory Space

At Paramount Defenses, we understand firsthand both, the importance of securing and defending foundational Active Directory deployments worldwide, as well as what it takes to adequately secure and defend them.

We thus develop and deliver the world's most valuable and innovative Active Directory Security solutions to help organizations efficiently and reliably secure and defend their foundational Active Directory deployments -

In addition, we also help organizations worldwide gain a deeper understanding of what it takes to adequately secure and defend their foundational, mission-critical Active Directory deployments.

We do so by operating and leading the world's largest community of IT professionals focused on the vital field of Active Directory Security, the Active Directory Security Professionals Group on LinkedIn.

Today our 1500+ member strong global community is comprised of Active Directory security practitioners from 100+ countries worldwide and includes some of the world's finest IT professionals from some of the world's most prominent organizations, such as –
Paramount Defenses, Microsoft, Goldman Sachs, U.S. Army, Boeing, Israeli Air Force, Lockheed Martin, IBM, General Electric, Bank of America, JP Morgan Chase, Credit Suisse, Wells Fargo, Wachovia Bank, Bank of Kuwait, Hewlett Packard, Dell, Siemens, Arcelor Mittal, FedEx, Brazilian Stock Exchange, U.S. Department of Homeland Security, Lloyd's of London, U.S. Department of Energy

Together, we help organizations worldwide measurably enhance the protection afforded to foundational Active Directory deployments, and in doing so, we help measurably improve enterprise security across the world.

True Thought Leadership

When it comes to the Enterprise Security space, nothing is more important than protecting the very foundation of security, and based on experienced insight we laid out our vision for trustworthy foundational security half a decade ago, well before the Symantecs and the Dells of the world.

But mere words are cheap, which is why we demonstrate Thought Leadership not in words, but in action.

Best wishes,

October 1, 2012

Active Directory Security - Mission-Critical To Global Security


As you may know, from the US Government to the Fortune 1000, at the very foundation of security of over 85% of all organizations worldwide, lies Microsoft's Active Directory, the bedrock of identity and access management and distributed/enterprise security (authentication, authorization, auditing.)

Active Directory - The Very Foundation of Security Worldwide

The compromise of an organization's Active Directory is tantamount to the compromise of the very foundation of the organization's security. Consequently, Active Directory Security is mission-critical to organizational security today.

As mission-critical as it is, in our experience, we have found that very few organizations actually understand how critical it is to their security, how vulnerable it potentially is to attack, how vast its attack surface, how to adequately protect it, and what the consequences of an Active Directory attack could be to their organization.

Active Directory Security is Mission-Critical To Organizational Security

In an effort to help organizations and IT administrators worldwide obtain a better understanding of this mission-critical component of global security, I've asked my staff to share knowledge on the most salient of aspects of Active Directory Security, via the following -

Active Directory ACL Viewer; AD Permissions; Active Directory Security Analysis; Active Directory Access Manager; Active Directory ACL Exporter; Active Directory Token Viewer; Active Directory Security Audits; Active Directory Security; Active Directory Access Audits; Active Directory Security Explorer; Active Directory Delegated Access; Active Directory Security Audit Reports; Active Directory Access Audit Reports; Active Directory Resultant Access; AD Reporting; Active Directory Permissions Analysis; Identity, Security and Access Blog; Active Directory Effective Permissions; Free Active Directory/AD Reporting Tools; Active Directory Audit Tool; Active Directory Password Resets; Active Directory Risk Assessments; Active Directory Delegation Risks; Active Directory Reporting Tool

In days and weeks to come, you can expect us to share valuable information on Active Directory Security with organizations worldwide, so they can adequately protect their Active Directory, and thereby adequately protect the very foundation of their security.

In addition, via the Active Directory Security Blog, we will ask some of the most valuable and pertinent questions on the subject, as well as provide answers, so organizations worldwide can adequately secure and defend their mission-critical Active Directory deployments from harm.

Kindest Regards,

July 13, 2012

The Perfect Security Storm May Be Brewing for Organizations Worldwide


Over the last few years, we’ve had the opportunity to work with thousands of prominent business and government organizations worldwide. In our experience, we've found that most of these organizations seem largely unprepared to deal with some of the most serious threats to their security today.

To make matters worse, we suspect that malicious perpetrators may have gotten the drift of some of these serious threats, and could very well be working on exploits.

We fear that the perfect security storm may very well be brewing for these organizations.

We hope that it does not ever come, because if it does, we fear that it could end up indiscriminately rattling many an organizational ship, unless organizations are prepared for it, because its attack surface, like the open oceans, is vast, because it could arrive with little or no warning, and because it has the potential to swiftly punch gaping holes in the very hulls of these ships.

(The vagueness is intentional, because in the public domain, everyone has equal access to this note. The wise however, will get the hint, and to the intelligent, a hint is enough.)

Best wishes,

July 2, 2012

Dell Acquires Quest Software - Thanks, Mr. Dell


It's official – Dell and Quest Software today announced they have entered into a definitive agreement for Dell to acquire Quest.

Michael Dell

Such desperation on Dell’s part to recently establish a Software Group to diversify its business, and now pay 50x earnings for Quest Software, and make it the "core" of its software business clearly indicates that it doesn’t see its hardware business improving anytime soon.

I suppose Quest’s customers can expect the following in months to come –
  1. Discontinuation of Certain Products
  2. Deterioration of Product Capabilities  
  3. Transition to Customer Service from India
  4. Departure of Sales/Dev Employees

Anyway, I just wanted to thank Mr. Dell for setting a precedent - 50x is the new multiple for acquisitions in the Windows Management / Active Directory Solutions space, and that’s just for commodity solutions.

Mr. Dell, by the way, here's Security 101 for you - I doubt your own IT folks can tell you exactly how many people can reset your password and login as you today. Unfortunately for you, neither can Quest Software.

No worries, we can help you answer that question, in about 2 minutes - here you go (; it's child's play for us, powered by our innovative, patent-pending, Microsoft-endorsed, resultant-access assessment technology). 

Alright back to work now.

Best wishes,

PS – Evercore's Rob Cihra echoes/validates my thoughts - Dell is "rolling up a rollup... ...We see Dell taking on the challenge of trying to build out its new software identity by acquiring a company that seemed unable to fully figure out its own identity."

June 16, 2012

Michael Dell Demonstrates Desperation, Inexperience in Decision to Acquire Quest Software


Ordinarily, I couldn't be bothered about some petty $B transaction, but since this impacts our global customer base as well, it's worth taking a few minutes to shed light on.

This weekend, two companies, Dell and Quest Software are reportedly in talks to close an acquisition deal valued at $ 2.15 B.

For those not in the know, Quest Software recently decided to play high-stakes poker by involving their friend “Insight Ventures” to create a window-of-opportunity for potential acquirers to engage in a bidding war. By setting a base price of US $2B, they ensured that any offer made would exceed that unearthly amount (50x 2011 earnings!)

As I had predicted, no company other than Dell ended up making a matching offer, in all likelihood, because they know Quest is not worth $2B.

However, fortunately for Quest Software, Dell’s been having a pathetic few quarters, so the need to demonstrate to shareholders that something is being done to alleviate the situation, drove Dell to make a desperate offer of a whopping $2.15 B for Quest Software this weekend.

Dell’s shareholders should be worried.

Quest Software made $40M in earnings last year. At that rate, it would take Dell 50 years to get back just their investment. Even if they magically doubled Quest’s earnings, it would still take 25 years to get to that point.

How this acquisition will result in any net profit for Dell is unfathomable. Other than to boast of an enhanced software portfolio, at an exorbitant cost, and possibly demonstrate some progress to gullible shareholders, this is a losing proposition for Dell.

The funniest thing here is Quest Software’s existing investors suing Quest saying that the offer’s too low. They’re living in dreamland. Quest is not worth more than $1B by any reasonable standards, so they’re already getting an awesome deal. For them to think that a $2 B valuation is low, is for them to demonstrate being completely out of touch with reality.

But then, it’s a free market, you can’t stop gullible investors from making foolish moves. Some of us intimately cognizant of the landscape, are amused at Quest’s dabbles in high-stakes poker and Dell’s inexperience.

The only losers here seem to be J.P. Morgan Chase, RBC Capital Markets, Barclays Capital, and Vector Capital, each of whom Insight Ventures, a good friend of Quest Software, seem to have somehow convinced that Quest is worth $ 2B (i.e. even with 2011 net earnings being a petty $40M), so they could partake in footing the majority of the bill to take Quest Software private.

That’s all the time I have for this. Now if you’ll excuse me, we’ll go help organizations worldwide with mission-critical solutions to challenges the Quests and Dells of the world haven't the faintest idea how to solve!


July 02, 2012 update: Dell Acquires Quest Software

May 18, 2012

A $100B Question for Mark Zuckerberg and FaceBook's Investors


I've a simple $100B question for Mark and FB's investors, but before I can pop the question, perhaps I should setup the context.

Mark Zuckerberg, CEO, FaceBook

Today's IPO will value FaceBook at a little over a $100B.

There's only one reason for that valuation - about 1 billion people on the planet supposedly use FaceBook, so FaceBook has the opportunity to display and monetize advertisements.

NOW, here's something to think about ...

In order to click on an ad and buy the advertised product a FaceBook user needs money. For most people, money comes from employment, so as long as you or your provider's employed, all's well.

However, should you or your provider lose their job, or your employer be unable to employ you, you have no money to spend, and with no money to spend, you're not about to be spending either that amount of time on FB, or whatever little money you do have saved up, on products pitched by those ads.

So my simple $100B question, in layman's terms, to Mark and FB's investors is -

What will be the impact on FaceBook's business, should people have no money to spend on the ads you show them, and with no one clicking these ads, how many organizations will continue to pay FB to display these ads, irrespective of how FB ultimately gets compensated for these ads?

NOW, what could possibly disrupt the world's employers from employing these billion or so people, who (somehow find and) spend time on FaceBook? ... An IT security breach that has the potential to threaten the very business of employers worldwide.

It turns out there is at least one credible unmitigated threat to the IT security of most employers worldwide, that could substantially impact their business, and their ability to employ people.

Should this unlikely scenario come to life, FaceBook's valuation could lose a 0 or two.

Of course, in all fairness, should this scenario come to life, many an organization's valuation could lose a 0 or two, and the world could proverbially stop turning.

The point very simply is that, brass tacks, from a valuation perspective, FaceBook is just about advertising, and while advertising is important for businesses, it is not more important than security. Never has been; never will be, because while advertising is about growing the business, security is about staying in business.

Just something to think about.

Best wishes,

PS: There is at least one such threat to organizations worldwide (but I'm not about to publicly comment on it. I'll give you this much though - the IT infrastructures of over 85% of all employers worldwide are powered by Microsoft's Windows Server platform.)

April 30, 2012

Introducing the Innovative Gold Finger Mini


Earlier today, we announced the world's first Corporate Identity Theft Prevention Solution, the innovative Gold Finger Mini -

Press Release on Yahoo Finance -

Press Release on PR Newswire -

As you may know, when performed legitimately, a password reset is an IT operation, but when performed with malicious intent, a password reset is tantamount to corporate identity theft.

Gold Finger Mini is quite simply the world's first and only solution that can instantly find out and reveal precisely who can reset your Windows corporate account password.

In fact, it can also instantly determine and reveal who can reset the password of any of your colleagues, and do so, at the touch of a button.

Thus, it can uniquely help you assess and lock down the number of individuals who possess the ability to reset your corporate account password and log in as you.

Gold Finger Mini is designed for organizational employees, so they too can partake in the organization's IT security efforts, and it is available in one free, and three paid editions.

Now corporate users worldwide can instantly determine just how much of a risk of corporate identity theft they're at today, all at the touch of a button.

For more information, please visit -

Best wishes,

April 25, 2012

The Experts Conference 2012 – For the Experts, by the Experts - So Here's a Question for these Experts


Time’s very valuable, and I couldn’t ordinarily be bothered about some conference. But since this one involves a gathering of experts, I figured I'd ask these experts just one basic, simple, elemental, fundamental question.

Q. Can they precisely determine who can reset their own account's password in their organization’s mission-critical Active Directory?

I don’t think so. Although I'd love to be wrong.

We can.

We can answer this question for our own accounts, and have the capability to answer this very question for the accounts of all of these experts. Not just for their accounts, for the account of every person in their organization; not just every person in their organization, every person in every organization running on Active Directory.

It turns out that this one single, simple, basic, elemental, fundamental question has to do with one of the toughest IT challenges for organizations worldwide, i.e. finding out exactly who has what native effective access in their mission-critical Active Directory deployments.

Not only is this very tough, it's very important, or perhaps better phrased, it's paramount.


Well, if organizations don’t even know precisely who has the keys to their kingdom(s), what could be more important than that?

Anyway, my time's up, so if you’ll kindly excuse me, I’ve got to get back to helping organizations worldwide obtain the answer to this one simple, basic, elemental, fundamental question.

In fact, on Apr 30, 2012, at exactly 8:00 am US Pacific Time, we'll do just that. I'm sure that our announcement will be of substantial interest to all attendees of the Experts Conference, esp. those attending the Keynote.

You’re welcome to check back here at 8 am US Pacific Time on April 30, 2012.


April 18, 2012

Unveiling the Powerful, Unrivaled, Gold Finger 5.0


On behalf of Paramount Defenses Inc, it is my pleasure to unveil Gold Finger 5.0, quite simply, the most powerful IT security analysis tool in the world -

Gold Finger

Gold Finger 5.0 delivers 7 powerful, unique and innovative security analysis capabilities for Microsoft Active Directory (AD), all at the touch of a button -
  1. Customized Security Audit Report Generation
  2. Complete Nested Group Membership Enumeration
  3. A Windows Security Access Token Viewer
  4. A Detailed Active Directory ACL Viewer and ACL Exporter
  5. The World's Most Powerful Active Directory Permission Analyzer 
  6. The World's First and Only Accurate Effective Permissions Analyzer
  7. The World's Only Accurate Effective Delegated Access Reporter

Gold Finger 5.0 uniquely fulfills the paramount need to determine who has what access, effective-access and delegated-access in AD, for 85+% of all organizations worldwide.

Simply put, it is the Ferrari of Active Directory Security Analysis Solutions.

Need one say more?

Gold Finger 5.0 was unveiled online at -

Best wishes,

April 13, 2012

The Ferrari of Active Directory Security Solutions


As you may know, with over 85% of organizations worldwide operating on Microsoft's Windows Server platform, Active Directory and its security are mission-critical to business.

At Paramount Defenses, we take the responsibility of developing innovative, high-value Windows Server and Active Directory security solutions that fulfill mission-critical security needs of organizations worldwide, very seriously.

Over the last few months, we have been working on arguably the most valuable Active Directory Security solution in the world. It is the culmination of half a decade of research and valuable feedback received from 1000s of organizations worldwide.

We like to think of it as the "Ferrari" of Active Directory Security Solutions -

When it's ready, the world will hear its thunder. Stay tuned.