WPNinjas

Category: Security

Security
Christoph Düggeli

SOC Monitor wall – Build your Content (Part 3)

In this blog post, I share what the dedicated workbooks could look like in terms of their content. Note: During the analysis of a specific high-severity security incident in a customer environment, you might want to display specific content on the SOC wall screen. Link to other Parts: Planning the Setup Develop

Security
Christoph Düggeli

SOC Monitor wall – Planning the Setup (Part 1)

The big plus of working in a SOC is the possibility to be on-site with other Security Analysts rather than being separated in the home office. Working in an MSSP SOC means keeping an eye on multiple customer SIEMs simultaneously in terms of security incidents and anomalies/availability of mandatory log

Security
Thomas Kurth

It’s all about the signature! Why S/MIME is important

Before starting the technical part, which contains a unique and full solution to deploy S/MIME certificates with MEM Intune to clients, I will highlight why it is important to implement S/MIME within your environment. I started the work on this topic as we had the internal discussion at baseVISION if

Azure AD
Thomas Kurth

Automatic Azure AD Conditional Access Documentation

Creating configuration documentation is always a hassle. Therefore, I extended the Intune documentation with a new option to also document Azure AD Conditional Access policies. The new function Invoke-ConditionalAccessDocumentation will document Azure AD Conditional Access policies and translate referenced IDs to real object names (users, groups, roles and applications). Important: The Conditional

Intune
Philip Büchler

Edge Version 81 now supports Windows Information Protection

Introduced a long time ago, Windows Information Protection (WIP) still lives in a niche of configurations that only very few actually use. Which is a shame, as it's very powerful and easy(-ish) to configure. You can read everything about it in Microsoft's documentation for the feature. One thing that was

Security
Thomas Kurth

Defense in depth on an example: Office Macro Protection

Office Macros are one of the things every IT department tries to block, but will never really be able to 100% eliminate. The reason is simple: the documents with macros are sometimes produced by business apps, sent by business partners via e-mail or created by employees to improve business

MDATP
Thomas Kurth

Configure Intune to deploy Microsoft Defender ATP for macOS

Since this summer, Defender Advanced Threat Protection also supports macOS. Now I had time to review the functionality and share my experience in this blog. First of all, my starting position is a MacBook Air, which is enrolled in Microsoft Intune and is able to retrieve Configuration Profiles. The device


Implementing Azure AD Privilege Management for Azure IaaS

Two years ago, we implemented AzureAD PIM in our baseVISION infrastructure to raise the security level. But after some time, we recognized that it has too many drawbacks because the activation of the requested role sometimes took longer than a few hours. Especially in Exchange, Skype or Intune this was
