Select Page
Paddy_D_0-1659736274514.png

Modernizing Endpoint Management – Encryption – Part 1

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading
Infection chain describing the usual tactics and techniques used by DEV-0270 actor group.

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading
PaddyDamodharan_14-1660355299530.png

Modernizing Endpoint Management – Encryption – Part 2

Introduction: In part 1, we saw how to use MEM portal to view and recover Bitlocker recovery keys for ConfigMgr clients that are tenant attached. In part 2 of this blog, we will see how to migrate Bitlocker keys to ... continue reading
Paddy_D_0-1659736274514.png

Modernizing Endpoint Management – Encryption – Part1

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading
The Microsoft vulnerable driver blocklist feature enabled in the Core isolation page within the Windows Security app.

New security features for Windows 11 will help protect hybrid work

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office. These changes have put “cybersecurity ... continue reading
YvetteOMeally_0-1646082467551.png

Go Dark in Configuration Manager TP 2203

Update 2203 for the Technical Preview Branch of Microsoft Endpoint Configuration Manager has been released. The Configuration Manager console now offers a dark theme. To use the theme, select the arrow from the top left of the ribbon, then choose Switch ... continue reading
Timeline showing dates, threat actor, and malware payload of ransomware attacks by Iranian threat actors

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends ... continue reading
Affinity.png

New Features of Windows Server 2022 Failover Clustering

Greetings again Windows Server and Failover Cluster fans!!  John Marlin here and I own the Failover Clustering feature within the Microsoft product team.  In this blog, I will be giving an overview of the new features in Windows Server 2022 ... continue reading
Group Policy Analytics

STIGing Made Easy – Microsoft Endpoint Manager

Introduction This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. With my large customer base in the Microsoft Federal space and having to comply with internal security baselines ... continue reading
Video Tutorial: Endpoint Protection Part 3 – BitLocker Integration and Management

Video Tutorial: Endpoint Protection Part 3 – BitLocker Integration and Management

Hello everyone, here is part 3 of a series focusing on Endpoint Protection integration with Configuration Manager. This series is recorded by Steve Rachui, a Microsoft principal premier field engineer. This session focuses on the BitLocker management capabilities integrated into ... continue reading