Latest Intune blog is up where we show how to add exclusions to Windows ASR Rules.
ASR Rules are excellent for helping us reduce our endpoint attack surface, but as we know there are always exceptions lol!
#blueteam #cybersecurity #securebydefault #intune #microsoftsecurity
https://strategic-cyber.co.uk/2024/09/03/microsoft-intune-19-add-asr-rule-exclusion

Microsoft Intune 19 – Add ASR Rule Exclusion
In Intune guide number 15 we covered configuring ASR Rules with an Intune policy to harden our endpoints and reduce their attack surface. In this guide we are going to show how granular these contr…
@2codemonte
Microsoft Intune 17 – Mobile Application Management Policies for iOS.
Introduction Mobile Application Management Policies can be used to secure data on both managed and unmanaged devices. If you have Intune, and you have a problem with BYOD in your organisation, then th…
@2codemonte
Microsoft Sentinel – Part 2 – Deploying a Sentinel Workspace and onboarding free data sources.
Introduction. We are going to cover the initial deployment of a Sentinel Workspace, and onboard the free data sources. Even though Microsoft lists the free data sources in the handy table shown bel…
@2codemonte
This week we're looking at installing #microsoft #sentinel from scratch.
Over this series we will start from the basics and free data sources, then progress onto more advanced configurations.
#blueteam #securebydefault #cybersecurity
https://strategic-cyber.co.uk/2024/06/10/microsoft-sentinel-part-1-log-analytics-workspace-budgets-and-action-groups

Microsoft Sentinel – Part 1 – Log Analytics Workspace, Budgets, and Action Groups.
Introduction Microsoft Sentinel is a cloud native Security Information and Event Management (SIEM), and Security Orchestration Automation and Response (SOAR) solution. It allows organisations to in…
@2codemonte
Microsoft Intune 16 – Windows and Driver Updates.
It’s taken 16 blogs in this series to get here, but here we are, updating! Before we start, let’s put it out there that we should all be working towards auto updating. Yes it’s ea…
@2codemonte
This week's guide relates to blocking legacy authentication for #sharepoint online apps.
We do not want apps bypassing #MFA or #conditionalaccess so this is an important setting to review, and implement if possible.
#cybersecurity #blueteam #securebydefault
https://strategic-cyber.co.uk/2024/05/07/securing-sharepoint-1-block-legacy-authentication

Securing SharePoint 1 – Block legacy authentication.
In previous series and blogs we have covered disabling legacy authentication to protect Exchange Online, Azure and Office 365, however while going through the Microsoft Cloud Security Benchm…
@2codemonte
Microsoft Intune 15 – Attack Surface Reduction Rules.
If you haven’t been following this series from the start, we have gone from setting up Intune from scratch which included device onboarding, autopilot, MDE, LAPs and compliance and configurat…
@2codemonte
Microsoft Intune 14 – Block and Control Device Enrolment.
Intune allows us to control which device types can join Microsoft Entra based on the platform they have installed. As we have covered many times previously, there are no technical control silver-bu…
@2codemonte
The next in the series of "Cyber security is easy, right?" is available.
"Say no to old, cheap microwaves". Grab a coffee, select read aloud and listen to me ramble for 5 minutes (in the AI voice of your choosing) about cyber security :)
https://strategic-cyber.co.uk/2024/04/10/cyber-security-is-easy-right-say-no-to-old-cheap-microwaves/

Cyber Security is easy, right? – Say no to old, cheap microwaves.
What is this about I hear you shout!? Stick with me on this. We can all agree that cyber security is a complex, almost seemingly impossible problem to solve. Cyber security is a relatively new prob…
@2codemonte
Cyber Security is easy, right? – What is SecOps?
Introduction Security Operations (SecOps) is a well established term, however depending where you look its definition can vary slightly, but overall it’s generally consistent. When we …
@2codemonte