
IT Dev Lab

Learnings and musings of a Microsoft Identity & Security consultant

WDAC

WDAC Wednesday: Audit mode advantage

Andrew 28 October 2025 0 Comments

Happy WDAC Wednesday! Application control solutions are very powerful: they act like a gatekeeper and determine what installed applications are allowed to run. Applying tighter controls on endpoints, using…

WDAC

WDAC Wednesday: Why anti-virus and EDR isn’t enough

Andrew 21 October 2025 0 Comments

Happy WDAC Wednesday! Welcome to a new series with the aim of detailing and demystifying Microsoft’s Application Control for Business (ACFB), a powerful solution used to allow or block applications…

Microsoft Entra MIM2016

Looking to migrate from MIM to Microsoft Entra?

Andrew 9 March 2024 0 Comments

If you’re an organisation utilising Microsoft Identity Manager (MIM), Microsoft have recently released a Microsoft Learn article that maps capabilities of MIM to those in Microsoft Entra, and is a…

Sentinel WDAC

January 2024 WDAC Advanced Hunting changes

Andrew 12 December 2023 0 Comments

Microsoft today published an update advisory for Windows Defender Application Control (WDAC) Advanced Hunting changes that could have an impact if you have any hunting rules or dashboards in place.…

WDAC

Creating a policy with the WDAC Wizard

Andrew 4 December 2023 0 Comments

The goal of this post is to step through the process of using the WDAC Wizard to create a sample WDAC policy and deploy it to a test Windows 10…

WDAC

Application control with Microsoft WDAC

Andrew 20 November 2023 0 Comments

This blog post will be the first (of many) in a series relating to Microsoft WDAC and how to understand, implement and manage it. In the current cyber security landscape…

Microsoft 365

Mark of the Web and trusting SharePoint Online

Andrew 19 November 2023 0 Comments

A common measure in corporate environments is to block macro files downloaded from the internet, a security measure that prevents users from inadvertently executing malicious code. How…

Sentinel Uncategorized

Deploying Sentinel analytic rules from DevOps

Andrew 18 October 2023 0 Comments

There is a Microsoft Sentinel feature currently in public preview that allows you to deploy custom Sentinel content, such as analytic rules, from DevOps or GitHub. The linked article provides…

Exchange Online Microsoft 365

Exchange Online SPF and domain validation

Andrew 29 May 2023 0 Comments

When on-boarding a domain to Exchange Online, there is support documentation available detailing the DNS entries required for the domain to be successfully validated. One item not explicitly stated in…

Logic Apps

Logic Apps and Concurrency Control awareness

Andrew 26 May 2023 0 Comments

If you’ve ever had strange, unexplainable behaviour in a Logic App loop that uses variables, chances are the cause will be the Concurrency Control setting, which is turned off by…
