Select Page
Image showing protection of critical web applications. Azure ID, CIS IDs, and Responsibility.

Azure Security Benchmark—90 security and compliance best practices for your workloads in Azure

The Azure security team is pleased to announce that the Azure Security Benchmark v1 (ASB) is now available. ASB is a collection of over 90 security best practices recommendations you can employ to increase the overall security and compliance of ... continue reading
Infographic showing Zscaler Security and Policy Enforcement. Internet Destinations and Private Apps appear in clouds. Azure Sentinel, Microsoft Endpoint Manager, and Azure Active Directory appear to the right and left. In the center is a PC.

Microsoft and Zscaler help organizations implement the Zero Trust model

While digital transformation is critical to business innovation, delivering security to cloud-first, mobile-first architectures requires rethinking traditional network security solutions. Some businesses have been successful in doing so, while others still remain at risk of very costly breaches. MAN Energy ... continue reading
LDAP Channel Binding and LDAP Signing Requirements - March update default behavior

LDAP Channel Binding and LDAP Signing Requirements – March update default behavior

Hi All, Alan here again, this time trying to give some details on these two settings that will become active from March 2020 and they are creating some misunderstandings. Let’s start saying that since Windows Server 2008 we have events ... continue reading
sLoad launches version 2.0, Starslord

sLoad launches version 2.0, Starslord

sLoad, the PowerShell-based Trojan downloader notable for its almost exclusive use of the Windows BITS service for malicious activities, has launched version 2.0. The new version comes on the heels of a comprehensive blog we published detailing the malware’s multi-stage ... continue reading

How companies can prepare for a heightened threat environment

With high levels of political unrest in various parts of the world, it’s no surprise we’re also in a period of increased cyber threats. In the past, a company’s name, political affiliations, or religious affiliations might push the risk needle ... continue reading
Image of three coworkers working at a desk in an office.

Changing the monolith—Part 2: Whose support do you need?

In Changing the monolith—Part 1: Building alliances for a secure culture, I explored how security leaders can build alliances and why a commitment to change must be signaled from the top. But whose support should you recruit in the first ... continue reading
Image of Python source code.

Introducing Microsoft Application Inspector

Modern software development practices often involve building applications from hundreds of existing components, whether they’re written by another team in your organization, an external vendor, or someone in the open source community. Reuse has great benefits, including time-to-market, quality, and ... continue reading

How to implement Multi-Factor Authentication (MFA)

Another day, another data breach. If the regular drumbeat of leaked and phished accounts hasn’t persuaded you to switch to Multi-Factor Authentication (MFA) already, maybe the usual January rush of ‘back to work’ password reset requests is making you reconsider ... continue reading
Image from scenario one: Ransomware

Rethinking cyber scenarios—learning (and training) as you defend

In two recent posts I discussed with Circadence the increasing importance of gamification for cybersecurity learning and how to get started as a practitioner while being supported by an enterprise learning officer or security team lead. In this third and ... continue reading

Configure Ansible to use a Managed Identity with Azure Dynamic Inventory

Hello again, Chris Wallen here and in this post, I’m going to show you how to configure the Ansible Azure Dynamic Inventory plugin to use a managed identity. If you’re not familiar with managed identities, see this overview of managed ... continue reading