Select Page
CredSSP, RDP and Raven

CredSSP, RDP and Raven

Welcome to another addition of AskPFEPlat, this is Paul Bergson and Graeme Bray bringing up the topic of CredSSP when in use with the Remote Desktop Protocol. This topic became an internal discussion around Premier Field Engineering and customers like ... continue reading
PAW deployment guide

PAW deployment guide

After running the PAW TAP program on the solution explained in this blogpost, I received tons of interests and great feedback. While the team is investigating on a plan, a lot of customers are asking how they can deploy PAW ... continue reading
Delegate WMI Access to Domain Controllers

Delegate WMI Access to Domain Controllers

Hi everyone! Graeme Bray back with you today with a post around delegating WMI access to Domain Controllers. Continuing the tradition of security themed posts that we’ve had recently on AskPFEPlat, I thought I’d throw this one together for you ... continue reading
Rescued by Procmon: The Case of the Certificate Authority Unable to Issue Certificates due to Revocation Failures

Rescued by Procmon: The Case of the Certificate Authority Unable to Issue Certificates due to Revocation Failures

Hello Everyone, my name is Zoheb Shaikh and I’m a Premier Field Engineer with Microsoft India. I am back again with another blog and today I’ll share with you something interesting that I came across recently which caused the Certificate ... continue reading

Security baseline for Windows 10 v1803 “Redstone 4” – DRAFT

Microsoft is pleased to announce the draft release of the security configuration baseline settings for the upcoming Windows 10 version 1803, codenamed “Redstone 4.” Please evaluate this proposed baseline and send us your feedback via blog comments below. Download the ... continue reading
10 Tips and Tricks from the Field

10 Tips and Tricks from the Field

Hello All. The AskPFEPlat team is here today with you in force. Recently we put together 10 Tips and Tricks from the Field – a collection of tips and tricks in our tool belt that we use on occasion. We ... continue reading

Default Code Integrity policy for Windows Server

After Windows Defender Application Control (WDAC, formerly known as Code Integrity) was released in Windows Server 2016, I wrote a blog post on it, it was a very effective way to do application whitelisting, and get secure! When engaging with ... continue reading
PKI Basics: How to Manage the Certificate Store

PKI Basics: How to Manage the Certificate Store

Hello all! Nathan Penn and Jason McClure here to cover some PKI basics, techniques to effectively manage certificate stores, and also provide a script we developed to deal with common certificate store issue we have encountered in several enterprise environments ... continue reading
Schannel Follow-up

Schannel Follow-up

Hello all! Nathan Penn back again with a follow-up to Demystifying Schannel. While finishing up the original post, I realized that having a simpler method to disable the various components of Schannel might be warranted. If you remember that article, ... continue reading
Loading...