Select Page
JerryDevore_0-1695331302683.png

Active Directory Hardening Series – Part 1 – Disabling NTLMv1

Active Directory Hardening Series - Part 1 – Disabling NTLMv1   Hello everyone, Jerry Devore back again after to along break from blogging to talk about Active Directory hardening.  In my role at Microsoft, I have found every organization has ... continue reading
Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution

Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution

On July 11, 2023, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access, which are now in public preview. In this blog, we take a deeper look ... continue reading
Microsoft Entra Expands into Security Service Edge with Two New Offerings

Microsoft Entra Expands into Security Service Edge with Two New Offerings

Flexible work arrangements and accelerating digital transformation changed the way we secure access. Traditional network security approaches just don’t scale to modern demands. They not only hurt end user experience but also grant each user excessive access to the entire ... continue reading
BrandonWilson_1-1688836922559.jpeg

Check This Out! (CTO!) Guide (June 2023)

  Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide. These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we are ... continue reading
Tabletop boardgame figures attack a huge red monster

SMB signing required by default in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25381 (Canary, zn_release) Enterprise editions, SMB signing is now required by default for all connections. This changes legacy behavior, where Windows 10 and 11 required SMB signing by ... continue reading
Bindusar_0-1677059689811.png

Group Policy Analytics Framework

  If we talk about pre-covid times, people were working in offices, data was monitoredcontrolled using proxy servers and firewalls etc in place. End users were keeping files using roaming profile or folder redirection. File sharing was allowed over SMB ... continue reading
Azure Stack HCI: What's new for Software Defined Networking (SDN) with WAC v2211

Azure Stack HCI: What’s new for Software Defined Networking (SDN) with WAC v2211

A warm 2023 “Hello” to our Customers and Partners! Today is an exciting day as we share with each of you the extensive new features and improvements for SDN in Windows Admin Center 2211 (WAC)!  We cannot thank you enough ... continue reading
hewagen_0-1671804677570.png

Windows 10 or Windows 11 GPO ADMX – An Update

Hi community,   I am Helmut Wagensonner, a Cloud Solution Architect – Engineer at Microsoft. In a former blog (https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/windows-10-or-windows-11-gpo-admx-which-one-to-use-for-your/ba-p/3063322), where I did a comparison between Windows 10 and Windows 11 ADMX files, I promised in my comments to do ... continue reading

How Do I Know If My AD Environment Is Impacted By The November 8th 2022 Patch?

  Q: How can I determine if objects in my AD environment are impacted by the November 8th 2022 patch? A: Use a couple of queries I wrote specifically for that purpose.   November 8th, 2022 brought us a patch ... continue reading
A Simplified schematic IT environment is split into three zones, Tier 0 with Domain Controllers, Tier 1 with servers and applications and Tier 2 with users and workstation systems. Zones are separated by red dotted line.

How to prevent lateral movement attacks using Microsoft 365 Defender

It’s been 10 years since the first version of the Mitigating Pass-the-Hash Attacks and Other Credential Theft whitepaper was made available, but the techniques are still relevant today, because they help prevent attackers from gaining a network foothold and using credential-dumping tools ... continue reading