Threat hunting in Azure Advanced Threat Protection (ATP)

As members of Microsoft’s Detection and Response Team (DART), we’ve seen a significant increase in adversaries “living off the land” and using compromised account credentials for malicious purposes. From an investigation standpoint, tracking adversaries using this method is quite difficult ... continue reading

Using Azure Security Center and Log Analytics to Audit Use of NTLM

The purpose of this post is to show how you can collect and query security events of interest from Windows servers. To do this we will use: Azure Security Center to collect events; Log Analytics Workspace to store events; Kusto ... continue reading

Just go with the flow…. WorkFlow that is with Windows PowerShell

Doctor Scripto returns again with our good friend Joel Vickery, PFE who is going to touch on the use of Workflows In PowerShell. Take it away Joel! Following up on my original post Parallel Processing with jobs in PowerShell, I ... continue reading

Protect workloads still running on Windows Server 2008 and 2008 R2

Over the last couple of years, we have shared why it is business critical to migrate and upgrade apps and services running on Windows Server 2008 and 2008 R2. As you are aware, on January 14th, 2020, support for Windows Server 2008 ... continue reading

Install ConfigMgr CB 1902 using PowerShell

Introduction: The document outlines the steps required to install SCCM CB 1902 with SQL 2017 using PowerShell. These steps can be used on a disconnected network. The scripts included in this document can also be added to MDT to automate ... continue reading

Disaster Recovery with Azure Stack HCI in next version Windows Server LTSC

Disaster can hit at any time. When thinking about disaster and recovery, I think of 3 things: be prepared; plan on not involving humans; automatic, not automated. Having a good strategy is a must. You want to be able to ... continue reading

The Case of SPNs Breaking Group Policy Application

Hello Everyone, my name is Zoheb Shaikh and I’m a Solution Engineer working with Microsoft Mission Critical team (SMC). I’ll share with you something interesting that I came across recently where one of our Enterprise customers had multiple clients where ... continue reading

Build a SQL Cluster Lab Part 4

You are going to create a SQL Server Failover Cluster Instance in Part 4 of our series on how to build a SQL Cluster Lab. The FCI will only be installed on Node1 and Node2. FCIs require shared storage so ... continue reading

Your Pa$$word doesn't matter

Every week I have at least one conversation with a security decision maker explaining why a lot of the hyperbole about passwords – “never use a password that has ever been seen in a breach,” “use really long passwords”, “passphrases-will-save-us”, ... continue reading

LDAP Channel Binding and LDAP Signing Requirements – JANUARY 2020 Updates

Hi All, Alan here again, this time trying to give some details on these two settings that will become active from January 2020 and that are creating some misunderstandings. Let’s start by saying that since Windows Server 2008 we have events ... continue reading