Threat and Vulnerability management
Threat and Vulnerability management, an absolutely essential part of security for your organisation. Though my dislike for statistics is known, SIXTY percent of breaches are claimed to be from unpatched software and though statistics may be guided by the authorising (paying) agency/vendor, it does not change the underlying seriousness that we all face with keeping…
Michael Brooke presents the ASD essential 8 on Safari
Michael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…
Michael Brookes’ Microsoft SC-100 – The Just Good Enough Guarantee
Michael Brookes’ Microsoft SC-100 – The Just Good Enough Guarantee, is my personal journey to secure the Microsoft SC-100 exam “Cyber Security Architect Expert” credential, after a somewhat foolhardy statement on LinkedIn seeking colleagues to join me and pass their certification as well by the end of July 2022. There is of course no “Just…
“Okta parses passwords in clear text”, What does that mean to me?
“Okta parses passwords in clear text”, What does that mean to me? This is really NOT an Okta problem but an industry problem – my industry, cloud SSO authentication should always and only be against known “good” Authenticators such as Microsoft, Google, Apple and others for all cloud based SSO. Passwords should never be out…
Carrots, sticks and Donkeys do improve cyber security, part 1
Carrots, sticks and donkeys do improve cyber security, part 1. More specifically, how to use the ACSC recommendations to achieve cyber resilience augmented with what organisations are already doing well today. As most organisations in Australia already understand, the Australian Signals Directorate Essential Eight is a list of 8, easy (definitely easy) steps to implement…
Machine learning – hype or hope with 1 part snake oil
Machine learning – hype or hope with 1 part snake oil, adding the snake oil makes all things including Machine Learning more capable than it may seem when peeking beneath the covers, or more slippery, but we will get into the slipperiness soon. The following article is something that I have wanted to write for…
#1, Down and Dusty with Microsoft sentinel
#1, down and Dusty with Microsoft Sentinel. Sentinel is one of Microsoft's crown jewels, hidden so well in plain sight that many Managed Service Providers and cyber security teams do not even know it can help them significantly with investigating Indicators of Compromise or investigating a cyber attack to find the source and the target.…
Protection before Detection – Endpoint detection response
Protection before Detection – Endpoint detection response. Endpoint Detection and Response gets a lot of attention from the entire cyber security industry. EDR, as it is commonly known, is a valuable tool in a corporate kitbag, but is Endpoint Detection and Response something that should be acquired first, second or where? If we review the Australian…
0-day Atlassian Confluence vulnerability, no patch yet
0-day Atlassian Confluence vulnerability, no patch yet. Known as CVE-2022-26134, it was acknowledged by the Atlassian team on the 31st May 2022. Update 04/06/2022: patch for the Atlassian Zero day is available here. A quick Google search for “Confluence wiki”, CSIRO pops up an already disabled Confluence site, any attacker has much more capable tools…
Is Microsoft Purview going too far, or not far enough?
Is Microsoft Purview going too far, or not far enough? Many things happen on a day to day basis within an organisation. Employees look for new roles, they reply to emails that could be less than 100% above board, but does this mean that Employers should be using policy to detect things like: Leavers, Corporate Sabotage, Gifts and Entertainment.