Summary   In this episode of the Phillip Wylie Show, Sean Metcalf, an expert in Active Directory security, discusses his journey into cybersecurity, the evolution of Active Directory and Azure AD, and the common mistakes organizations make in cloud security. He emphasizes the importance of security assessments over penetration testing and shares insights into Trimarc's unique approach to security assessments. Sean also highlights the significance of scripting in security roles and discusses the future of Active Directory in hybrid environments. The episode concludes with information about Trimarc's new product, Trimarc Vision, aimed at enhancing Active Directory security.   Takeaways   Sean Metcalf has assessed environments with up to 960,000 users. Active Directory security is often overlooked in organizations. Many organizations are making the same security mistakes in the cloud as they did on-premises. Security assessments are crucial for identifying potential vulnerabilities. Trimarc uses proprietary tools for in-depth security assessments. Scripting knowledge, especially in PowerShell, is beneficial for security professionals. Active Directory is not going away anytime soon due to legacy applications. Organizations should conduct security assessments every couple of years. Trimarc's assessments provide actionable insights for improving security. The new Trimarc Vision product aims to enhance Active Directory security monitoring.   Sound Bites   "It's been quite a year." "I saw something change in the URL." "We're the identity experts."   Chapters   00:00 Introduction to Active Directory Security 03:33 Sean Metcalf's Hacker Origin Story 06:20 The Evolution of Active Directory and Azure AD 09:31 The Importance of Specialization in Cybersecurity 12:30 Active Directory Security Challenges 15:39 The Role of Security Assessments 18:26 Comparing Trimarc and Bloodhound 20:56 Understanding Active Directory Security Assessments 22:35 Getting Started in Active Directory Security 25:30 The Importance of Scripting in Security 34:43 The Hybrid Environment: On-Prem vs Cloud 37:23 Trimarc's Unique Services and Assessments 40:17 Frequency of Active Directory Assessments 42:21 Introducing Trimarc Vision   Resources https://www.linkedin.com/in/seanmmetcalf/ https://x.com/PyroTek3 https://www.linkedin.com/company/trimarcsecurity/ https://x.com/TrimarcSecurity https://www.trimarcsecurity.com/ https://adsecurity.org/