019 - What Counts as a Security Breach (and What Doesn't)

"Compromised." We throw the word around like everyone agrees what it means, but do we?

This week, Andy and Eric dig into the many faces of compromise in a security context and why it’s not a simple definition

In this episode:

- What actually counts as a security compromise (and why the answer is “it depends”)

- Full breach vs. partial breach: Does it even matter?

- Why lateral movement should keep you up at night

- Session token hijacking in M365 and why MFA isn’t a silver bullet

- The Myth of the Green Matrix Terminal Hacker (aka Hollywood hacking nonsense)

- How risk profiling and layered defenses can contain the blast radius

- Real-world detection failures and the “10,000 alert problem”

- Practical steps to tune logs, outsource monitoring, and avoid burnout

📬 Reminder! - You can subscribe to the SysAdmin Weekly Companion Newsletter (link below) or email your own security horror story to contact@sysadminweekly.com!

Episode Resources:

- SysAdmin Weekly Companion Newsletter

- AndyOnTech

- Project Runspace

- SysAdmin Weekly 012 - Identity is the New Firewall

- Evilginx (Reverse Proxy Phishing Toolkit)

- Debian 13 “Trixie” Release Notes

- Ghost CMS Overview