NTLM-Relaying in 2026

NTLM-Relaying is a common attack vector in internal networks. In this blog post, we will show that even in 2026, there are still many scenarios where NTLM-Relaying can be successfully performed, and we will provide some insights into how to mitigate these risks.

An Overview of SecCore Essentials

Our SecCore Essentials are a set of security configurations that should be implemented in every environment to mitigate common attack vectors. Learn more about them in this overview.

AI agents are everywhere, how good is that really?

There is no doubt that GenAI has already disrupted many industries and workflows. However, just like any technology, between the hype and promises, there are risks that do not get the attention they deserve.

Unconventional Initial Access Vectors Pt. 3

Mitigation and defense strategies.

Unconventional Initial Access Vectors Pt. 2

Elaborating on Conditional Access bypasses and what happens after initial access is established.

Unconventional Initial Access Vectors Pt. 1

ITSecX 2025 was a great time again. For everyone who could not make it, we want to summarize our experiences and our talk.

SecCore Essentials - Active Directory Tier Model

How splitting Active Directory administration into separate tiers improves security for administrative accounts

SecCore Essentials - ADCS Security

Essential security practices for Active Directory Certificate Services (ADCS), common attack vectors, and mitigation to protect your PKI infrastructure.

SecCore Essentials - Backup Security

Protecting systems and data in case of an emergency

SecCore Essentials - Client Hardening

Some of the most important security implementations for client workstations in an enterprise environment

SecCore Essentials - Kerberos Security

Even though Kerberos offers many security improvements compared to NTLM, there are still some caveats to consider

SecCore Essentials - LDAP Security

Common LDAP attack vectors in Active Directory environments and practical mitigation steps to secure LDAP against abuse

SecCore Essentials - Network Layer Security

Essential network layer security controls to prevent lateral movement and limit the impact of breaches in enterprise environments

SecCore Essentials - Network Protocols

Hardening several core protocols used in enterprise environments

SecCore Essentials - Password Security

Passwords are the most common authentication mechanism, strong and different passwords for each service is important for the overall security posture

SecCore Essentials - Sensitive Information Protection

Sensitive information can be stored in many ways, often unknowingly exposed to attackers

SecCore Essentials - SMB Security

SMB is a central Microsoft Windows networking component. This entry describes common misconfigurations and their impact.

SecCore Essentials - Vulnerability Management

Having an overview about exposed and security-relevant system is an important factor for resilience

Hello from SecCore!

Who are we, why are we doing this?