“Is it Really Good to be the King when it comes to Cybersecurity?”


In the realm of cybersecurity, the saying “It’s good to be the king” takes on a whole new meaning. While traditional kingdoms have only one king, the modern digital landscape presents a different scenario. In the intricate world of technical systems, there isn’t just a single ruling entity, but rather multiple administrators or power users who play crucial roles in safeguarding organizational networks and systems.

Today, numerous technical teams oversee various aspects of cybersecurity, including Networking, SecOps, DevOps, and IT, among others. Each team assumes responsibility for managing and supporting specific systems and equipment within the organization. Naturally, there is an inherent desire to perform these tasks with the utmost privileges, aiming for efficiency and freedom from constraints. These privileged users are commonly referred to as “Administrators,” “Admins,” or “Root” within their respective domains, such as routers or domain controllers.

However, it is essential to pause and contemplate the following question: “Should I always strive to be the most powerful entity in the cybersecurity kingdom?”

It’s worth considering whether relying on default administrative user accounts, which often come with extensive privileges, is truly advantageous or potentially more harmful in the context of cybersecurity. While such privileges may enable quicker actions or bypass certain limitations, they also carry significant risks that can compromise the overall security posture of an organization.

More to explorer

New Deployed Rules

NTFS:   1. Volume Shadow Copy Mount PowerShell Script   2. Code Executed Via Office Add-in XLL File   3. Potential Invoke-Mimikatz PowerShell Script   4.

New Deployed Rules

MSMQ:    1. MSMQ Corrupted Packet Encountered Network Share Object:    2. Protected Storage Service Access   3. Possible Impacket SecretDump Remote Activity

Sign up for our newsletter

Time to market

One-day SIEM integration