AMA with Vincent Le Toux, creator of PingCastle

Community Events
, ,
1

:red_circle: If you are Going and do not see a video player here, please refresh the page :red_circle:

About the event

We’re hosting a special AMA (Ask Me Anything) with Vincent, the creator of PingCastle and former leader of incident response at Vinci.

This is your opportunity to hear directly from the mind behind one of the most widely used tools in Active Directory security. Vincent built PingCastle in his spare time, deployed it in a real-world enterprise setting at Vinci, and shaped it into a trusted solution for uncovering, prioritizing, and remediating risks in AD environments.

Want to add this event to your calendar?
  1. Simply click the . . .button in the top-right of the event
  2. Select Add to calendar
  3. Choose to download the ics file or add to Google Calendar
  4. Import the ICS file into your preferred calendar app

Downloading the calendar event

Join us in the Netwrix Community to:

  • Ask Vincent anything about Active Directory security, PingCastle, and his experience in incident response
  • Learn how PingCastle came to life and how it was used to protect one of the world’s largest infrastructure groups
  • Gain practical insights you can apply in your own AD environments

How it works:

  1. Leave your questions in the replies to this topic
  2. Like :heart: other questions to vote for them (vote for as many as you want!)
  3. Vincent will answer the top questions live during the AMA
  4. He’ll follow up on remaining questions directly in the thread after the event
2

Are there hidden, unknown but helpful, underestimated or unfinished features in PingCastle?

For example the parameters --generate-fake-reports (was interesting for me) or --debug-license(helped me to see our license expiry date). The attackpath visualization is also something that was great to discover, but hard to find when I discovered PingCastle years ago.

2 Likes
3
  1. What gave you the idea for PingCastle, and how has it changed since you first started working on it?
  2. What’s the most unexpected Active Directory issue or misconfiguration that PingCastle tends to find?
  3. How do you see AI and automation fitting into security auditing? Do you think they’ll eventually replace tools like PingCastle, or work alongside them?
1 Like
4

When you transitioned PingCastle from a free, open-source tool to a paid subscription model, which features did you decide to keep freely available, and which premium features did you develop that made customers see real value in paying? What feedback or use cases guided those decisions?

5

You played a role in defending Paris during the 2024 Olympics, a massive global event where the stakes were incredibly high. What did that experience reveal to you about the current state of international cybersecurity, both in terms of nation-state actors and independent threats, and how has it shaped your perspective on protecting critical infrastructure going forward?

6
  1. What do you think are the top 3 risks that PingCastle identifies?
  2. What other projects have you worked on in the security community?
  3. What would you like to see happen to PingCastle over the next 1y/3y?
  4. Was it a lot of effort building PingCastle whilst also maintaining another role? What was that experience like for you?
7

Are there any notes or recordings from that event? I’m sorry that I was unable to attend :face_with_thermometer: :see_no_evil_monkey:

8

Hi Andreas,
I just posted it here :slight_smile:

1 Like