Kicksec Blog: News, Opinions and more (or less)

All opinions on this blog site are that of the writer alone and should not be taken as advice without reviewing other sources of information regarding the topic of cyber resilience in industry.

  • 101: Basic Security Posture for WordPress

    101: Basic Security Posture for WordPress, WordPress is one of the most popular internet technologies in use today. As a tool for amateurs and professionals wanting to blog, to sell, to consult or to do almost anything else, nothing comes close to the WordPress ecosystem for flexibility and extensibility – want to build a store…


  • 101: Introducing Microsoft Defender for Endpoint

    101: Introducing Microsoft Defender for Endpoint, one of my favourite role functions is to talk with customers about Microsoft security, of course I like to speak about security in general as well but Microsoft do a really great job covering 80% of what organisations need from a cyber security perspective so I almost always start…


  • Microsoft Sentinel – reducing spend and log complexity first

    Microsoft Sentinel – reducing spend and log complexity first, Microsoft Sentinel is one of the easiest SIEM platforms to switch on and be usable without configuration. But the devil is in the details of what should be configured to ensure that the signal data being ingested is most useful, minimally duplicated and at the lowest…


  • Secure Cloud Business Applications – assess your security

    Secure Cloud Business Applications, assess your security – Best of all it is at no cost and provides guidance on best practice security guidelines for business. When reducing the likelihood of a successful cyber attack we need to break down the approach into various elements, a security assessment such as the CISA SCUBA tool is…


  • Protecting Australian Business from Cyber Crime

    Protecting Australian Business from Cyber Crime, easy title to write and a topic beyond complex to implement for many small to mid sized businesses in 2022, Australia. The secret is that it is not complex to get started on a cyber security journey, it is easy to do the basics and reduce the risk of…


  • As Secure As Practical (ASAP)

    As Secure As Practical (ASAP) – As Soon As Possible. In the past few months of 2022 in Australia alone there have been a number of significant cyber breaches across many of our major brand names and this terrible trend is poised to continue to get worse until such time as our organisations uplift their…


  • Threat and Vulnerability management

    Threat and Vulnerability management, an absolutely essential part of security for your organisation. Though my dislike for statistics is known, SIXTY percent of breaches are claimed to be from unpatched software and though statistics may be guided by the authorising (paying) agency/vendor, it does not change the underlying seriousness that we all face with keeping…


  • Michael Brooke presents the ASD essential 8 on Safari

    Michael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…


  • Carrots, sticks and Donkeys do improve cyber security, part 1

    Carrots, sticks and donkeys do improve cyber security, part 1. More specifically, how to use the ACSC recommendations to achieve cyber resilience augmented with what organisations are already doing well today. As most organisations in Australia already understand, the Australian Signals Directorate Essential Eight is a list of 8, easy (definitely easy) steps to implement…


  • Machine learning – hype or hope with 1 part snake oil

    Machine learning – hype or hope with 1 part snake oil, adding the snake oil makes all things including Machine Learning more capable than it may seem when peeking beneath the covers, or more slippery, but we will get into the slipperiness soon. The following article is something that I have wanted to write for…


  • #1, Down and Dusty with Microsoft sentinel

    #1, down and Dusty with Microsoft Sentinel. Sentinel is one of Microsoft's crown jewels, hidden so well in plain sight that many Managed Service Providers and cyber security teams do not even know it can help them significantly with investigating Indicators of Compromise or investigating a cyber attack to find the source and the target.…


  • Protection before Detection – Endpoint detection response

    Protection before Detection – Endpoint detection response. Endpoint detection and response gets a lot of attention from the entire cyber security industry. EDR, as it is commonly known, is a valuable tool in a corporate kitbag, but is endpoint detection and response something that should be acquired first, second or where? If we review the Australian…


  • 0-day Atlassian Confluence vulnerability, no patch yet

    0-day Atlassian Confluence vulnerability, no patch yet. Known as CVE-2022-26134 it was acknowledged by the Atlassian team on the 31st May 2022. Update 04/06/2022: patch for the Atlassian Zero day is available here. A quick Google search for “Confluence wiki”, CSIRO pops up an already disabled Confluence site, any attacker has much more capable tools…


  • Is Microsoft Purview going too far, or not far enough?

    Is Microsoft Purview going too far, or not far enough? Many things happen on a day to day basis within an organisation. Employees look for new roles, they reply to emails that could be less than 100% above board, but does this mean that Employers should be using policy to detect things like: Leavers, Corporate Sabotage, Gifts and Entertainment.


  • The No.1 way to protect Data, Defender for Business and Premium

    The No.1 way to protect Data, Defender for Business and Premium, MSPs and businesses looking for better coverage of the ASD Essential 8 with the fewest possible products should look at Microsoft Defender for Business or Business Premium preferably. This morning a colleague (thanks Ross) sent me this article and it reminded me that we…


  • Microsoft Defender vulnerability Management dropping shortly

    Microsoft Defender Vulnerability Management dropping shortly for customers as an add-on for Microsoft Defender for Endpoint P2 or a standalone license. Vulnerability assessments and management of these vulnerabilities have been missing from the Microsoft stable and this is a great addition for customers as it brings the element of protection to what was previously only…


  • Follina 0 day – Office lets the bad guy waltz right in, WRTF!

    Follina 0 day – Microsoft Office Macro protection eaten for breakfast!, those of you who know me, know that I embrace Microsoft Defender as a security tool that is top notch, not just my view but the view of the analysts that report on cyber security as well, here for example with the Mitre Evaluations for 2022 where Microsoft Defender for Endpoint P2 shows its ‘chops’ and performs like the participants on “Dancing with the Stars”, not the ones who get booted early on, of course!


  • Threat Hunters, Hard job, tough to find too!

    Threat Hunters, Hard job, tough to find too! – the following article has been kindly shared with permission by GravityWall.net from an original article written on their website here. Employing good cyber security candidates is hard. So many considerations: technical vs team fit vs ability to learn etc. I recently came across this very…


  • Microsoft Defender for Endpoint training resources

    Microsoft Defender for Endpoint training resources: The goal of this page is to put together a level 101/201 resource for consultants and end customers to utilise to find out more about Defender for Endpoints, I will update the details as they change but this is current as of May 2022. Microsoft Defender for Endpoint training…


  • Microsoft Office app licensing for MSPs utilising RDS

    Microsoft Office app licensing for MSPs utilising RDS – short answer is, if you are a Managed Service Provider (MSP) and you are not a Qualified Multitenant Hoster (QMTH) then you cannot provide the Microsoft Office apps via Remote Desktop Services (RDS) to your clients. Recently this question was given to me to answer…

