Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ... continue reading

Recently I was approached by a customer on concerns and possibilities around going from on-premises to hybrid to cloud only. The customer had successfully gone through the hybrid scenario and was able to remove all known dependencies with their on-premises ... continue reading

Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, ... continue reading

Hello folks! If you have made it this far, know I think you’re amazing and one of a kind! If you are just tuning in now and would like to see the full blog series daisy chained together, take note ... continue reading

My name is John Marlin and I am with the High Availability and Storage Team here and today I want to talk about Failover Clustering and Networking. Networking is a fundamental key with Failover Clustering that sometimes is overlooked but ... continue reading

Greetings! We're back with another mailbag, this time focusing on your common questions regarding device-based Conditional Access scenarios. We’ve heard from so many of you over the past few months on new challenges you’ve faced keeping your remote workforce secure, ... continue reading

“MFA” or ‘Multi-Factor Authentication’ is a process where something more than just a username and password is required before granting access to a resource. This could be a one-time code sent to a user’s cellphone via SMS text, a phone ... continue reading

Hiya folks, Ned here again. Organizations are good at firewalling the network edge to stop inbound intruders. We need to move on to preventing outbound and lateral network communications. With the rise of mobile computing and ease of phishing users, ... continue reading

Hello everyone, my name is Liju and I am a Premier Field Engineer specializing in Active Directory and Azure AD. Fido2 support for single sign-on (SSO) was introduced first for cloud resources, and then expanded to include both cloud and ... continue reading

By now, you have probably examined my code (if not, please click the link). If you are familiar with ARM Templates, the code should seem relatively straightforward. There is one piece that may seem foreign though: the Desired State Configuration ... continue reading