Select Page
WAftring_0-1625249038859.png

Diagnosing Network Isolation Issues

Hi all, Will Aftring here from Windows Networking Support. I wanted to chat about how Network Isolation interacts with Universal Windows Platform (UWP) applications and how / why you may want to alter some of these settings in respect to ... continue reading
WDAC.gif

Deploying Windows 10 Application Control Policy

Dear IT Pros, Today we discuss about All things about WDAC – Windows Defender Application Control. WDAC was introduced with Windows 10 and could be applied to Windows server 2016 and later, its older name is Configurable Code Integrity (CCI) ... continue reading

How purple teams can embrace hacker culture to improve security

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writer for Hacker ... continue reading
PowerShell basics: Query Windows Server Event Logs

PowerShell basics: Query Windows Server Event Logs

One of the most standard server administration tasks is trawling through event logs looking for information about an issue you want to troubleshoot. If you’re interacting with Windows Server through PowerShell, you can interact with those event logs using the ... continue reading

How Do I Discover Changes to an AD Group’s Membership

Q: Is there an easy way to detect and changes to important the membership of AD Groups? A: Easy using PowerShell 7, WMI, and the CIM Cmdlets. WMI Windows Management Instrumentation (WMI) is an important component of the Windows operating ... continue reading
WDCFA.gif

Windows 10 Controlled Folder Access Event Search

Dear IT Pros, Ransomware acts with accessing to the files, folders and encrypting them, to respond against it, we need to enable the Windows Defender feature named “Controlled Folder Access” – WDCFA and monitor the Windows Defender Guard Events in ... continue reading
Using the Serial Console on Windows IaaS VMs

Using the Serial Console on Windows IaaS VMs

If you make a mistake when configuring operating system firewall rules that block you from accessing the VM, or a service is stopping an IaaS VM from booting, or some other configuration problem such as a newly installed application is ... continue reading
bwatts670_0-1617478804224.png

Exploring Anomalies with Log Analytics using KQL

Detecting anomalies in your data can be a very powerful and desired functionality. Within Azure Monitor we provide a really easy method to alert on Anomalies if they are coming from Metrics (Creating Alerts with Dynamic Thresholds in Azure Monitor ... continue reading
HAFNIUM targeting Exchange Servers with 0-day exploits

HAFNIUM targeting Exchange Servers with 0-day exploits

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to ... continue reading
Bild1.png

Enable Application Setups to Change File Type Associations

Tested with Windows 10 1609 up to 20H2 Hey community, this is Helmut Wagensonner, a Customer Engineer for Windows Client platform. Today I show you a way to make file type associations more enterprise ready. I heard many of my ... continue reading