Frustration is my fuel
Latest Intune blog is up where we show how to add exclusions to Windows ASR Rules.
ASR Rules are excellent for helping us reduce our endpoint attack surface, but as we know there are always exceptions lol!
#blueteam #cybersecurity #securebydefault #intune #microsoftsecurity
https://strategic-cyber.co.uk/2024/09/03/microsoft-intune-19-add-asr-rule-exclusion
#sentinel Part 2 out now as we continue to cover deployment from scratch.
We look at using the free data feeds, and creating our first workbooks.
This week we're looking at installing #microsoft #sentinel from scratch.
Over this series we will start from the basics and free data sources, then progress onto more advanced configurations.
Next #intune blog is up. #windows and Driver Updates.
We look at #patchmanagement via Intune update rings
#cybesecurity #securebydefault #blueteam
https://strategic-cyber.co.uk/2024/05/16/microsoft-intune-16-windows-and-driver-updates/
This weeks guide relates to blocking legacy authentication for #sharepoint online apps.
We do not want apps bypassing #MFA or #conditionalaccess so this is an important setting to review, and implement if possible.
#cybersecurity #blueteam #securebydefault
https://strategic-cyber.co.uk/2024/05/07/securing-sharepoint-1-block-legacy-authentication
We continue our #intune deep dive by looking at #asrrules
#blueteam #cybersecurity #securebydesign
https://strategic-cyber.co.uk/2024/05/02/microsoft-intune-15-attack-surface-reduction-rules/
Continuing the #intune series here we look at how to block and control device enrolment.
#blueteam #cybersecurity #securebydefault #endpointmanagement
https://strategic-cyber.co.uk/2024/04/23/microsoft-intune-14-block-and-control-device-enrolment/
The next in the series of "Cyber security is easy, right?" is available.
"Say no to old, cheap microwaves". Grab a coffee, select read aloud and listen to me ramble for 5 minutes (in the AI voice of your choosing) about cyber security :)
The next in our series "Cyber Security is easy, right?" we take a look at #secops
https://2codemonte.wordpress.com/2024/03/13/cyber-security-is-easy-right-what-is-secops
This weeks edition of Cyber Security is easy, right? sees us take a look at #privilegedaccessmanagement
This is worth a read, new campaign stealing NTLM hashes via email zip attachments. Includes IOCs.
https://www.proofpoint.com/uk/blog/threat-insight/ta577s-unusual-attack-chain-leads-ntlm-data-theft
New #intune blog where we look at how to configure #LAPS which will set a unique local admin password on each endpoint, and rotate them at set intervals.
Latest blog is up "Cyber Security is easy, right? – How Soon is Now?"
This is just me thinking out loud.
Apart from being a great song by the Smiths, “How soon is now?” is also a question we should be asking ourselves daily.
We discuss the idea of going for a stroll rather than racing to the finish.
Let's enjoy what we do.
#blueteam #cybersecurity #securebydesign
https://2codemonte.wordpress.com/2024/02/21/cyber-security-is-easy-right-how-soon-is-now/
This week we're having a look at migrating from the legacy #azure MFA and SSPR policies to the new Unified Auth Policy.
Part 2 of Securing Exchange Online - First Steps is now up.
We've been looking at some of the initial steps we should be taking or considering to better secure our Exchange Online tenants.
#securebydesign #blueteam #cybersecurity #exchangeonline
https://2codemonte.wordpress.com/2024/01/25/securing-exchange-online-part-2-first-steps-part-2/
Our latest blog "Cyber Security is easy, right?" is now up.
We're looking at biting off more than we can chew, and the overly reactive nature of current approaches.
#cybersecurity #blueteam #securebydesign
https://2codemonte.wordpress.com/2023/12/05/cyber-security-is-easy-right-its-time-to-walk-upstream
In the next blog of our series, we look at whether you can, or should, buy your way out of cyber security debt.
Today we cover the #microsoft Cybersecurity Reference Architecture (MCRA), and Microsoft Cloud Security Benchmark (MCSB), to understand each a little better.
Nice to be included again in Daniel Engbergs endpoint weekly newsletter.
Daniel collects official #microsoft updates, community projects, #intune hints, tips, interesting social media posts and more then centralises them into a great weekly newsletter. Sign up on his website.