Microsoft Defender for endpoint server licensing
Microsoft Defender for endpoint server licensing: Microsoft licensing is hard to follow at the best of times, not to mention product name changes/updates, licensing terms, etc. Recently I have been involved in licensing questions for resellers and Managed Service Providers (MSPs) across my region, and Microsoft Defender for endpoint server licensing has come up…
Configuring Microsoft Autopilot clients
Quick guide
Configuring Microsoft Autopilot clients – Microsoft has some impressive functionality with their Microsoft 365 Business Premium licensing (for under 300 users) and with Microsoft Endpoint Manager. I have mentioned Microsoft Defender for Endpoints in other posts as another excellent way to improve your security without the traditional cost associated with tools such as CrowdStrike…
Quick guide
Microsoft Defender for Identity
Microsoft Defender for Identity is Microsoft's official method of protecting Active Directory and on-premise infrastructure from cyber breach. Microsoft Defender for Identity integrates with Azure Arc to add many additional layers of telemetry to Microsoft Sentinel for SIEM and SOAR, providing organisations with detection and response to both on-premise and cloud-focused cyber attacks.…
Lapsus$: Microsoft and Okta “breaches”
Lapsus$: Microsoft and Okta “breaches”: When our children start being involved in masterminding cyber “breaches”, the methods change… Microsoft and Okta were attacked in the same way my 9-year-old daughter uses when she wants more Roblox time… 30-40 messages in short succession until I relent (or I put iMessage into silent mode),…
WAZUH Open source security platform
WAZUH Open source security platform is a fork of OSSEC. It has been around since 2015 as a product and is growing in adoption. What is Wazuh? Wazuh is an eXtended Detection and Response platform that does not claim any level of either: Artificial Intelligence, Machine Learning or that it is easy. These are the…
Oceanleaf Microsoft Defender tutorials
Oceanleaf Microsoft Defender tutorials: I just came across what looks like an amazing resource for those who want to know more about Microsoft Defender and its capabilities. https://oceanleaf.ch Discovered on Reddit's r/cybersecurity subreddit, a very good place to get up-to-date information and opinion on everything cyber security. https://www.reddit.com/r/cybersecurity/
Budgies have taught me…
I think it is worth taking the risk on new talent when that talent shows the other capabilities that we are looking for but falls short on the technical know-how, because technical know-how is the easiest part of working in a team.
Endpoint Detection Response Assessment = Fail
Endpoint Detection Response Assessment = Failure of virtually all current leading Endpoint detection and response solutions to detect a range of ‘known’ attack methods. Throughout this work, we went through a series of attack vectors used by advanced threat actors to infiltrate organizations. Using them, we evaluated state-of-the-art EDR solutions to assess their reactions, as…
SIEM – Security Information & event management
SIEM – Security Information & Event Management platforms are mature cyber security solutions, often having come from a legacy of application log gathering, with the data being used for availability and performance as well as access management. It has been a simple and logical transition into security log gathering and analysis of that data for…