Select Page
Graphic outlines DART’s containment steps, which cover assessing the scope of the situation and preserving existing systems.

A guide to combatting human-operated ransomware: Part 2

This blog is part two of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading
Graphic illustrates the steps, goals, and initial questions in DART’s ransomware investigation assistance.

A guide to combatting human-operated ransomware: Part 1

This blog is part one of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading
Affinity.png

New Features of Windows Server 2022 Failover Clustering

Greetings again Windows Server and Failover Cluster fans!!  John Marlin here and I own the Failover Clustering feature within the Microsoft product team.  In this blog, I will be giving an overview of the new features in Windows Server 2022 ... continue reading

7 ways to harden your environment against compromise

Here at the global Microsoft Compromise Recovery Security Practice (CRSP), we work with customers who have experienced disruptive security incidents to restore trust in identity systems and remove adversary control. During 2020, the team responded to many incidents involving ransomware ... continue reading
2021-07-29_18-25-55.jpg

Configure SMB Signing with Confidence

Heya folks, Ned here again. Many years ago, we made configuring SMB signing in Windows pretty complicated. Then, years later, we made it even more complicated in an attempt to be less complicated. Today I'm here to explain the SMB ... continue reading
Deep Dive: Windows hybrid join single-sign-on to Azure Active Directory

Deep Dive: Windows hybrid join single-sign-on to Azure Active Directory

In a previous article, we explored the process of logging on to Windows and authenticating with an on-premises Active Directory domain, against a Windows Server domain controller. Many organizations are now using both on-premises and cloud resources, and users want ... continue reading
TelemetryFinal.gif

Log Sensor & Telemetry Services in Isolated Network

Dear IT Pros, We knew that it is normal for Domain Controller and critical servers to be in isolated network without internet access. How could we provide the cloud-based, Azure log analytic services for these objects? The services could originate ... continue reading
Verify Service Principal was created

Register the Azure AD Connect Health for ADDS Agent via Service Principal

Hi everyone! Graeme Bray back with you for a new journey.  Today's adventure is to leverage an Azure AD Service Principal to register  the Azure AD Connect Health agent (ADDS or ADFS) with the portal, rather than utilizing a Cloud-only MFA exempt account (specifically ... continue reading
SecurityLevel.png

Security Settings for Failover Clustering

Security is at the forefront of many administrator's minds and with Failover Clustering, we did some improvements with Windows Server 2019 and Azure Stack HCI with regards to security. Since the beginning of time, Failover Clustering has always had a ... continue reading

Part 2 – You Might Want to Audit Your LAPS Permissions….

Part 2 - Deploy LAPS, Check! You’re all set, right? Maybe… Hi Team, Eric Jansen here to follow up on some auditing suggestions that I mentioned for those of you that have LAPS deployed in your environment, in part one of this ... continue reading