In this episode of Practical Protection, we dive into the basics of Threat Hunting, tools you can use, and even some DIY hunting advice.
In this installment of Practical Protection, we look at Microsoft’s new OneDrive feature that prompts users to sync personal accounts on managed devices. While intended to reduce shadow IT, it risks exposing corporate data. With no option for admins to opt-out, we provide some advice on what you should do to prepare.
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.
Many tenants have inactive guest accounts, and sometimes in large numbers. Microsoft has made it easy to invite guests but harder for guests to voluntarily leave; overall, the lifecycle management process for guest accounts makes it easy to end up with guest ghosts. Finding out whether you’re a guest ghost host is the purpose of this column.
Microsoft is doing more and more to apply security defaults to our tenants. This is good, but it is still not enough! In this episode of Practical Protection, we dive into a few essential security alerts you should enable in your tenant.
Inactive accounts aren’t glamorous, but they’re a real risk! In this episode of Practical Protection, we dive into the basics of inactive account blocking and share some PowerShell scripts to help automate this process.
In this in episode of Practical Protection, we dive into some recent IT incidents involving applications, and how Intune can be used to block them from your devices.
In this episode of Practical Protection, Paul Robichaux dives into CISA's Microsoft Expanded Cloud Logs Implementation Playbook, its prerequisites, and applying this advice into your organization.