The cyber security herd effect
Read More: The cyber security herd effectClose your eyes and imagine the African Savannah, you are a “be”wildebeest grazing away happily when an alert is raised and the entire herd of 100s of animals suddenly takes to the plains to outrun whatever the alarm was raised for. This time it was a single lioness looking for an easy meal, but the…
Articles, Microsoft, Microsoft Defender, Microsoft Defender Application Guard, Sandbox, Windows Sandbox
Sandboxing with Windows 10 – Microsoft Defender Application Guard
Read More: Sandboxing with Windows 10 – Microsoft Defender Application GuardSandboxing with Windows 10 – Microsoft Defender Application Guard, the feature to sandbox suspicious or unknown documents has been in Windows for some time and is very useful in preventing Malware from Office macros and other runtime nasties from being able to infect your machine. Sandboxing allows applications / documents etc to run inside their…
Articles, Endpoint Detection Response, EndPoint Protection, Extended detection and response, Extended Detection Response, MDRAn Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors
Read More: An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack VectorsAn Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors. Recently I wrote about EDR failure to detect and respond to cases of Advanced Persistent Threats here after discovering a research paper on the topic when researching the use of Machine Learning in cyber security Detection and response solutions such…
Microsoft Defender for Endpoint, Articles, Extended detection and response, Extended Detection Response, Microsoft Defender, Microsoft Defender for Endpoint ServerMicrosoft Defender Endpoint Deployments
Read More: Microsoft Defender Endpoint DeploymentsRecently I have been deploying Microsoft Defender for Endpoints into my lab environment as a part of my job function. I am responsible for aiding resellers and Managed Service Providers (MSP) to implement Microsoft Security solutions for their business customers. Personally I have been working with tech for many years but almost always using Microsoft…
Articles, EndPoint Protection, Microsoft, Microsoft Defender, Microsoft Defender for Cloud, Microsoft Defender for Endpoint, Microsoft Defender for Endpoint ServerMic
Microsoft Defender for endpoint server licensingRead More:Microsoft Defender for endpoint server licensing, Microsoft licensing is hard to follow at the best of times, not to mention product name changes/updates, licensing terms etc etc. Recently I have been involved in licensing questions for reseller and Managed Service Providers (MSP) across my region and Microsoft Defender for endpoint server licensing has come up…
Mic
Microsoft Defender for endpoint server licensingConfiguring Microsoft Autopilot clients
Quick guide
Read More: Configuring Microsoft Autopilot clientsConfiguring Microsoft Autopilot clients – Microsoft has some impressive functionality with their Microsoft 365 Business Premium licensing (for under 300 users) and with Microsoft Endpoint manager, I have mentioned in other posts about Microsoft Defender for Endpoints as another excellent way to improve your security without the traditional cost associated with tools such as CrowdStrike…
Quick guide
Microsoft Defender for Identity
Read More: Microsoft Defender for IdentityMicrosoft Defender for Identity is the Microsoft offical method of protecting Active Directory and on-premise infrastructure from cyber breach. Microsoft Defender for Identity integrates with Azure Arc to add many additional layers of telemetry to Microsoft Sentinel for SIEM and SOAR providing organisations with detection and response to both on-premise and cloud focused cyber attacks.…
Lapsus$: Microsoft and Okta “breaches”
Read More: Lapsus$: Microsoft and Okta “breaches”Lapsus$: Microsoft and Okta “breaches”: When our children start being involved in masterminding cyber “breaches”, the methods change………. Microsoft and Okta were attacked in the same way as my 9 year old daughter uses when she wants more Roblox time……. 30-40 messages in short succession until I relent (or I put imessage into silent mode),…
WAZUH Open source security platform
Read More: WAZUH Open source security platformWAZUH Open source security platform is a fork of OSSEC, it has been around since 2015 as a product and is growing in adoption. What is Wazuh Wazuh is an eXtended Detection and response platform that does not claim any level of either: Artificial Intelligence Machine Learning or, that it is easy These are the…
Oceanleaf Microsoft Defender tutorials
Read More: Oceanleaf Microsoft Defender tutorialsOceanleaf Microsoft Defender tutorials, just came across what looks like an amazing resource for those who want to know more about Microsoft Defender and its capabilities. https://oceanleaf.ch Discovered on Reddits r/cybersecurity subreddit, a very good place to get upto date information and opinion on everything cyber security. https://www.reddit.com/r/cybersecurity/
