Select Page
Microsoft Endpoint Manager: Create & Audit an ASR Policy

Microsoft Endpoint Manager: Create & Audit an ASR Policy

IntroductionThis is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating an Attack Surface Reduction (ASR) rule ... continue reading
How to Defend Users from Interception Attacks via SMB Client Defense

How to Defend Users from Interception Attacks via SMB Client Defense

Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ... continue reading
Microsoft Endpoint Manager - Creating a WDAV Policy

Microsoft Endpoint Manager – Creating a WDAV Policy

IntroductionThis is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating a Windows Defender Antivirus (WDAV) policy ... continue reading
Devices1.png

Azure AD Mailbag: Frequent questions about using device-based Conditional Access for remote work

Greetings! We're back with another mailbag, this time focusing on your common questions regarding device-based Conditional Access scenarios. We’ve heard from so many of you over the past few months on new challenges you’ve faced keeping your remote workforce secure, ... continue reading
1.png

Beyond the Edge: How to Secure SMB Traffic in Windows

Hiya folks, Ned here again. Organizations are good at firewalling the network edge to stop inbound intruders. We need to move on to preventing outbound and lateral network communications. With the rise of mobile computing and ease of phishing users, ... continue reading

Domain Time Synchronization in the Age of Working from Home

Happy Friday everyone! Brandon Wilson here posting on behalf of a new guest author, Sarath Madakasira. So, without further ado... Working from home has presented challenges in many areas and it is true for time synchronization on computers used at ... continue reading
LijuV_1-1591192288321.png

How-to: Password-less FIDO2 Security Key Sign-in to Windows 10 HAADJ Devices

Hello everyone, my name is Liju and I am a Premier Field Engineer specializing in Active Directory and Azure AD. Fido2 support for single sign-on (SSO) was introduced first for cloud resources, and then expanded to include both cloud and ... continue reading
Forced Transformation - Part I - ConfigMgr to AzureAD Groups

Forced Transformation – Part I – ConfigMgr to AzureAD Groups

From the title, you may be wondering what the heck does Configuration Manager have to do with Azure Active Directory (AD) groups. Well, get ready for another lesson. As a Configuration Manager admin or an IT Manager, you may be ... continue reading
Mobile Device Management (MDM)

Zero Trust Deployment Guide for devices

The modern enterprise has an incredible diversity of endpoints accessing their data. This creates a massive attack surface, and as a result, endpoints can easily become the weakest link in your Zero Trust security strategy. Whether a device is a ... continue reading
BrandonWilson_38-1589809614343.png

Tracking the Source of ADFS Account Lockouts

Introduction I am Eunice Chinchilla, and I am a Premier Field Engineer at Microsoft focusing in the Identity space. In this guide you will find a description of the task at hand and the journey I went on to deliver ... continue reading