

This blog explores the basics of a Kerberoasting attack and the limitations of traditional Kerberoasting detection methods, then walks through why our data modeling approach is able to surface the hidden threats traditional defenses miss.
BeyondTrust researchers discovered that Entra guest users with the right billing roles can create subscriptions and become Owners—without any explicit permissions in the target tenant. This blog unpacks how attackers could abuse this by-design behavior to pivot, persist, and potentially escalate privilege inside Microsoft Entra environments. Learn what’s at stake, how this technique works, and what defenders should do next.
This blog explores how data science can be leveraged to build effective session hijacking detection models, and how BeyondTrust’s research team built on these models to identify malicious activity with greater precision.