Frustration is my fuel
In Intune guide number 15 we covered configuring ASR Rules with an Intune policy to harden our endpoints and reduce their attack surface. In this guide we are going to show how granular these controls are by creating an exclusion for a specific executable, for a specific ASR Rule, for two specific devices. In our …
Continue reading "Microsoft Intune 19 – Add ASR Rule Exclusion"
In our previous post we looked at how to create app based policies which can be used on mobile devices which are not enrolled in Intune as corporate devices. We looked at how we can control and protect corporate data within Microsoft apps by blocking copy and paste, access to local storage and non-approved apps …
Continue reading "Microsoft Intune 18 – Selective Wipe of Mobile App Data"
Introduction Mobile Application Management Policies can used to secure data on both managed and unmanaged devices. If you have Intune, and you have a problem with BYOD in your organisation, then this is the guide for you. We will be configuring a policy for iOS devices, but the steps for the Android devices are exactly …
Continue reading "Microsoft Intune 17 – Mobile Application Management Policies for iOS."
Introduction. We are going to cover the initial deployment of a Sentinel Workspace, and onboard the free data sources. Even though Microsoft lists the free data sources in the handy table shown below and available here, there are some caveats we need to be mindful of. The Microsoft documentation states; "Although alerts are free, the …
Introduction Microsoft Sentinel is a cloud native Security Information and Event Management (SIEM), and Security Orchestration Automation and Response (SOAR) solution. It allows organisations to ingest log feeds from most sources, contextualise the data with threat intelligence before making use of machine learning models to assist in providing actionable information and intelligent alerts. The ingested …
What is this about I hear you shout!? Stick with me on this. We can all agree that cyber security is a complex, almost seemingly impossible problem to solve. Cyber security is a relatively new problem, so we should look to other more established sectors and see what lessons we can learn. I had decided …
Continue reading "Cyber Security is easy, right? – Say no to old, cheap microwaves."
Introduction Security Operations (SecOps) is a well established term, however depending where you look it's definition can vary slightly, but overall it's generally consistent. When we talk about Security Operations we are referring to "IT" Security Operations. SecOps is the combination of IT Operations and Security Operations (Cyber) to prevent silos and improve collaboration, reduce …
Continue reading "Cyber Security is easy, right? – What is SecOps?"
Apart from being a great song by the Smiths, "How soon is now?" is also a question we should be asking ourselves daily. Cyber Security does not not stand still for a second, rarely is anything settled or constant yet we continually plan improvements based on the situation remaining constant, focusing on a point in …
Continue reading "Cyber Security is easy, right? – How Soon is Now?"
@2codemonte 