Frustration is my fuel
Introduction Security Operations (SecOps) is a well established term, however depending where you look it's definition can vary slightly, but overall it's generally consistent. When we talk about Security Operations we are referring to "IT" Security Operations. SecOps is the combination of IT Operations and Security Operations (Cyber) to prevent silos and improve collaboration, reduce …
Continue reading "Cyber Security is easy, right? – What is SecOps?"
We're back with another blog, and this week we're looking at privileged access, explaining its importance, and some considerations for implementation. Why is privileged access so important? We need to look at this in a few ways. As cyber security professionals we need to not only consider the risk from a security standpoint, but also …
Continue reading "Cyber Security is easy, right? – Understanding Privileged Access."
To be honest this guide could sit in our securing Azure series under Identity Access Management, however as this is specifically for controlling Local Administrative accounts, and the policies sit within Intune, it does sit better within our Intune series. What is LAPS? Windows LAPS is a feature that allows us to manage and back …
Continue reading "Microsoft Intune 13 – Configure Local Administrator Password Solution (LAPS)."
Apart from being a great song by the Smiths, "How soon is now?" is also a question we should be asking ourselves daily. Cyber Security does not not stand still for a second, rarely is anything settled or constant yet we continually plan improvements based on the situation remaining constant, focusing on a point in …
Continue reading "Cyber Security is easy, right? – How Soon is Now?"
By now you should be aware that as of September 30, 2025, authentication methods can't be managed in these legacy MFA and SSPR policies. You will need to use the new unified Authentication methods policy. "2025" I hear you shout! "we've got ages". Well, it can seem that way however authentication methods, and conditional access …
In the previous article we covered disabling legacy authentication, and configuring SPF, DKIM and DMARC. This article will cover Exchange Online Protection, Microsoft Defender for Office 365 Plan 1, and external email tagging. As always, these are recommendations which may impact a live environment. If you are starting from scratch within a new tenant then …
Continue reading "Securing Exchange Online 2 – First Steps Part 2."
When looking to make improvements, or implement a new control, it’s common to want to do it “properly”, as we have the best intentions and want to do a good job. We can see the issues, have identified our opportunities for improvement, and certainly don’t want to do anything half baked. We’ve read up on …
Continue reading "Cyber Security is easy, right? – It’s time to walk upstream."
In this new mini series we are going to be looking at the tasks we should be undertaking when we first start to use Exchange Online. As with our other guides, we start with the basics and then move on with improving our posture over time as we know we cannot resolve everything at once. …
Continue reading "Securing Exchange Online Part 1 – First Steps"
As we have covered previously, if you are a using Microsoft products and services a vast amount of guidance and documentation is available online. This can get confusing as there is the Cloud Adoption Framework, Azure Well-Architected Framework, Microsoft Cybersecurity Reference Architecture, Microsoft Cloud Security Benchmark, and the new Security Adoption Framework (SAF). This guide …
After the past few years Zero Trust has become known as more of a meme and a sales pitch, rather than an approach to improving our cyber security posture and reducing our attack surface. Zero Trust will not solve all our problems, it is not related to a specific technology, and it is not easy …
Continue reading "Cyber Security is easy, right? – What is “Zero Trust?”"
@2codemonte 