Monitoring your network and gathering massive amounts of data has become easier and easier. Many guides exist on how to gather data, and lots of companies have "enterprise grade" Security Information and Event Management products that can ingest terabytes of data. But what seems to be missing from most environments is the ability to apply context to...
One of the things I always advocate for IT Professionals/Defenders is that, rather than letting Penetration Testers and Real Attackers figure out the holes in their systems, they seriously contemplate how they would bypass their own defenses. Your adversaries are more than willing to spend time learning the apps and defenses you have in place and who knows...
I maintain a list of links I call “security stuff every Microsoft customer should know” that I send to every customer I visit. The list ranges from basic things to more in depth security knowledge, and is now available even if I haven’t visited you. You might want to bookmark this page, as it will get updated periodically. My links on security...
Last week at Ignite Australia I presented a session (available here) on something I don't think gets talked about enough – Windows Event Forwarding (WEF). Often when we engage for an Incident Response, we find the customer: Has no centralized logging; Are not monitoring endpoints/member servers (often just DCs); Spam logs with extra data; Are...
Lateral Movement – the moving of an attacker from one compromised host throughout your domain until they find what they are looking for – is something we see just about all attackers doing during compromise. I've talked a lot about the attacker behavior and how to stop it – strong protective controls can serve as powerful detective controls....
I did a guest post over on the Ask PFE Platforms blog about the Local Administrator Password Solution (LAPS) this week. You can check it out here: http://blogs.technet.com/b/askpfeplat/archive/2015/12/28/local-administrator-password-solution-laps-implementation-hints-and-security-nerd-commentary-including-mini-threat-model.aspx -Jessica @jepayneMSFT