Select Page

Mastering Configuration Manager Bandwidth limitations for VPN connected Clients

Hi, Jonas, Roland and Stefan here! We are Microsoft Premier Field Engineers (PFEs) based in Germany focused on Microsoft Endpoint Manager related topics. Due to the current situation we get a lot of questions from our customers around Configuration Manger ... continue reading

A Journey to Holistic Cloud Protection with the Microsoft 365 Security Stack Part 3 – Devices

For our second stop on the journey to holistic cloud protection with the Microsoft 365 security stack we will be discussing Device security. For anyone new joining us on this journey please ensure you check out Part I: Overview and ... continue reading

Azure DSC for Zero Trust Windows 10 Devices Managed by Intune

Introduction Zero Trust is defined by Microsoft as model that “assumes breach and verifies each request as though it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to ... continue reading

Exporting Resultant Set of Policy (RSoP) data using PowerShell

Hello everyone, my name is Liju and I am a Premier Field Engineer specializing in Active Directory and Azure AD. I have worked on group policy for 15 years (I remember having to use Secedit.exe to refresh group policy) and ... continue reading
Wadhrama PARINACOTA attack chain

Human-operated ransomware attacks: A preventable disaster

Human-operated ransomware campaigns pose a significant and growing threat to businesses and represent one of the most impactful trends in cyberattacks today. In these hands-on-keyboard attacks, which are different from auto-spreading ransomware like WannaCry or NotPetya, adversaries employ credential theft ... continue reading
Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering

Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. In this post, I am going to show you how to use a minimal set of Group Policy objects ... continue reading
What is a strong key protection in Windows?

What is a strong key protection in Windows?

First published on TECHNET on Jun 16, 2009 Strong key protection is one of the most misunderstood features in Windows security. In this post I will attempt to demystify it. I will also try to address some of the misconceptions ... continue reading

Common Questions about SHA2 and Windows

First published on TECHNET on Feb 08, 2011 Since my last post about SHA2 and Windows I’ve received numerous questions from customers and partners around three particular scenarios. This post will try to address those questions. Windows XP/2003 Enrollment in ... continue reading

Design Considerations before Building a Two Tier PKI Infrastructure

First published on TECHNET on Jun 19, 2010 Environmental Dependencies: 1- Determine if the Active Directory Forest has Windows 2000 Domain Controllers. This is important because of modifications to the CertPublishers group scope, and permissions related to the AdminSDHolder role ... continue reading

Certificate Path Validation in Bridge CA and Cross-Certification Environments

First published on TECHNET on May 12, 2010 Recently, we’ve had a deluge of questions regarding chain building and selection, especially in the presence of cross-certified certificates. Hopefully, this post will make Crypto API 2 (CAPI2) chaining logic clearer and ... continue reading