The Vilkas Wire

Passing an audit doesn’t mean you’re secure. Here’s how to plan and scope a pentest that actually protects your business.Passing an audit doesn’t mean you’re secure. Here’s how to plan and scope a pentest that actually protects your business.

A misconfigured AD CS template (ESC1) can let any domain user escalate to Domain Admin in minutes. Learn how this common flaw works and the…A misconfigured AD CS template (ESC1) can let any domain user escalate to Domain Admin in minutes. Learn how this common flaw works and the simple fixes that close the door on one of Active…

EDR won’t save you if your keys are under the mat. Fund secure configs, asset inventory, and real pen tests before buying another shiny…EDR won’t save you if your keys are under the mat. Fund secure configs, asset inventory, and real pen tests before buying another shiny tool.

Seven practical tips to explain penetration testing in business terms. Demonstrate to leaders why pentests are crucial for establishing…Seven practical tips to explain penetration testing in business terms. Demonstrate to leaders why pentests are crucial for establishing trust, ensuring uptime, maintaining compliance, and driving…

Cisco’s zero-day firewall flaws forced global emergency action. Here’s what leaders must know about the growing risk of aging, unsupported…Cisco’s zero-day firewall flaws forced global emergency action. Here’s what leaders must know about the growing risk of aging, unsupported security infrastructure.

Misconfigured Active Directory Certificate Services (AD CS) can turn a minor foothold into a full domain compromise. Learn the top three…Misconfigured Active Directory Certificate Services (AD CS) can turn a minor foothold into a full domain compromise. Learn the top three attack paths, ESC1, ESC4, and ESC8, and how to fix them fast.

A zero findings report can be useless or a powerful validation of your defenses. Here’s how to make sure it highlights security wins and…A zero findings report can be useless or a powerful validation of your defenses. Here’s how to make sure it highlights security wins and proves value.

Description: Pentesting in 2025 isn’t about stats or checklists. It’s about finding the real gaps that attackers still use, before they…Description: Pentesting in 2025 isn’t about stats or checklists. It’s about finding the real gaps that attackers still use, before they find them first.

Stop AD attacks before they start. Our 2025 pentests keep uncovering the same 10 flaws. See which ones and how to lock them down before…Stop AD attacks before they start. Our 2025 pentests keep uncovering the same 10 flaws. See which ones and how to lock them down before threat actors exploit them.