Using Microsoft 365 Defender to protect against Solorigate

Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate (also referred to as Sunburst by FireEye) involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact ... continue reading
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers

We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product ... continue reading

MEM – Windows 10 Kiosk Troubleshooting Common Problems

Hi IT Pros, There is a need to run the Windows 10 kiosk mode with its beautiful, illuminative screen in the reception area of your Corporate Office or in the conference room, also there are the needs to run Windows ... continue reading

MSIX – Using the Bulk Conversion Scripts

Hello everyone, this is Ingmar Oosterhoff, a Modern Workplace Customer Engineer at Microsoft. In an earlier series of posts we set up our environment to do batch sequencing using App-V. In this blog I will explain how we can set ... continue reading

HOW TO: Create a Windows Server 2019 NAS / FileServer from the command line

My old Synology NAS for home use had started to show signs of wear and was in need of replacement. It had plenty of disk space and performed well enough - but the version I had lacked any real power ... continue reading

Azure SQL with Managed Service Identity Sandbox

Introduction Are you moving from OnPremises to Azure SQL? Using Managed Identity may help with your legacy applications authentication. In a previous post, we saw how to use SSO with your current domain by leveraging AD Connect synchronization of your ... continue reading

System Management Mode deep dive: How SMM isolation hardens the platform

Ensuring that the platform firmware is healthy and trustworthy is fundamental to guaranteeing that powerful platform security features like Hypervisor-protected code integrity (HVCI) and Windows Defender Credential Guard are functioning as expected. Windows 10 achieves this by leveraging a hardware-based ... continue reading

Microsoft Defender for Endpoint – MD ATP Daily Operation – Part 2

NOTE: As of late September, the Microsoft Defender ATP product line has been renamed to Microsoft Defender for Endpoint! Dear IT Pros, I would like to continue on Part 2 of the Windows Defender ATP Operation with tasks handled by ... continue reading

Microsoft Defender for Identity – Azure ATP Deployment and Troubleshooting

Hi IT Pros, Recently, I searched the internet and could not find the document for Microsoft Defender for Identity (Azure ATP) Setup and Troubleshooting. So, I prepared this document for our convenient reference and deployment in the future. Please check ... continue reading

Solving IoT device security at scale through standards

Edge Compute Node protection profile (ECN PP)—now available—guides you to engineer, claim, evaluate, and consume device security for IoT. Internet of Things (IoT) solution builders these days are more likely to deploy IoT solutions with unsecured devices because they cannot ... continue reading