ACSC, ACSC essential 8, Azure Application Proxy, Microsoft Azure Active Directory, Single Sign On, SSO, Zero Trust Network Architecture
“Okta parses passwords in clear text”, What does that mean to me?
Read More: “Okta parses passwords in clear text”, What does that mean to me?“Okta parses passwords in clear text”, What does that mean to me? This is really NOT an Okta problem but an industry problem – my industry, cloud SSO authentication should always and only be against known “good” Authenticators such as Microsoft, Google, Apple and others for all cloud based SSO. Passwords should never be out…
Carrots, sticks and Donkeys do improve cyber security, part 1
Read More: Carrots, sticks and Donkeys do improve cyber security, part 1Carrots, sticks and donkeys do improve cyber security, part 1. More specifically how to Use the ACSC recommendations to achieve cyber resilience augmented with what organisations are already doing well today. As most organisations in Australia already understand, the Australian Signals directorate Essential Eight is a list of 8, easy (definitely easy) steps to implement…
Machine learning – hype or hope with 1 part snake oil
Read More: Machine learning – hype or hope with 1 part snake oilMachine learning – hype or hope with 1 part snake oil, adding the snake oil makes all things including Machine Learning more capable than it may seem when peeking beneath the covers, or more slippery, but we will get into the slipperiness soon. The following article is something that I have wanted to write for…
#1, Down and Dusty with Microsoft sentinel
Read More: #1, Down and Dusty with Microsoft sentinel#1, down and Dusty with Microsoft Sentinel. Sentinel is one of Microsofts Crown Jewels hidden so well in plain sight that many Managed Service Providers and cyber security teams do not even know it can help them significantly with investigating Indicators of Compromise or investigating a cyber attack to find the source and the target.…
Articles, ASD, ASD 8, ASD essential 8, Australian cyber security centre, Endpoint Detection Response, EndPoint Protection, Extended detection and response, Extended Detection Response, Microsoft Defender, Microsoft Defender for Endpoint, ProtectionProtection before Detection – Endpoint detection response
Read More: Protection before Detection – Endpoint detection responseProtection before Detection – Endpoint detection response Endpoint Detection and response gets a lot of attention from the entire cyber security industry, EDR as it is commonly known is a valuable tool in a corporate kitbag, but is Endpoint and response something that should be acquired first, second or where? If we review the Australian…
0-day Atlassian Confluence vulnerability, no patch yet
Read More: 0-day Atlassian Confluence vulnerability, no patch yet0-day Atlassian Confluence vulnerability, no patch yet. Known as CVE-2022-26134 it was acknowledged by the Atlassian team on the 31st May 2022. Update 04/06/2022: patch for the Atlassian Zero day is available here. A quick google search for “Confluence wiki”, CSIRO pops up an already disabled confluence site, any attacker has much more capable tools…
Articles, Data Loss Prevention, Data Protection, DLP, Information Protection, Microsoft purview, Purview Information ProtectionIs Microsoft Purview going too far, or not far enough?
Read More: Is Microsoft Purview going too far, or not far enough?Is Microsoft Purview going too far, or not far enough? Many things happen on a day to day basis within an organisation. Employees look for new roles, they reply to emails that could be less than 100% above board, but does this mean that Employers should be using policy to detect things like: Leavers, Corporate…
Articles, ACSC, ACSC essential 8, ASD, ASD 8, ASD essential 8, EndPoint Protection, Microsoft Defender, Microsoft Defender for EndpointThe No.1 way to protect Data, Defender for Business and Premium
Read More: The No.1 way to protect Data, Defender for Business and PremiumThe No.1 way to protect Data, Defender for Business and Premium, MSP’s and businesses looking for better coverage of the ASD Essential 8 with the fewest possible products should look at Microsoft Defender for Business or Business Premium preferably. This morning a colleague (thanks Ross) sent me this article and it reminded me that we…
Microsoft Defender vulnerability Management dropping shortly
Read More: Microsoft Defender vulnerability Management dropping shortlyMicrosoft Defender Vulnerability Management dropping shortly for customers as an add-on for Microsoft Defender for Endpoint P2 or a standalone license. Vulnerability assessments and Management of these vulnerabilities has been missing from the Microsoft stable and this is a great addition for customers as it brings the element of protection to what was previously only…
Articles, Airlock Digital, Application Control, Breach, Cyber Security Framework, Endpoint Detection Response, EPP, Microsoft, Microsoft Defender, Microsoft Defender for Endpoint, Zero Trust Network Architecture, ZTNAFollina 0 day – Office lets the bad guy waltz right in, WRTF!
Read More: Follina 0 day – Office lets the bad guy waltz right in, WRTF!Follina 0 day – Microsoft Office Macro protection eaten for breakfast!, those of you who know me, know that I embrace Microsoft Defender as a security tool that is top notch, not just my view but the view of the analysts that report on cyber security as well, here for example with the Mitre Evaluations…
