Why Patching Isn’t Enough & Where to Start Hunting

This webcast happened on Friday, March 12 @ 11:00 a.m. ET (60 minutes) 

Watch on demand here

In this webcast, our panel of Microsoft Certified Masters, MVPs, and Quest experts shared with us how they are advising clients to spot and stop existing Exchange Server compromises, including: 

  • How and where to spot key indicators of compromise 
  • Practical guidance on next steps to take if you’ve been compromised 
  • Ways to proactively start protecting yourself against future attacks 

Microsoft wants you to know that patching the four critical security flaws in Microsoft Exchange Server listed in CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 does not remediate existing compromised systems. Organizations need to patch, and then they need to investigate and, if compromised, stop the attack. Like most other attacks, this exploit is an avenue for an attacker to gain access to the rest of your network, meaning the investigation must widen beyond Exchange. 

This on-demand webcast is a must-watch for any organization with an on-premises Exchange Server, even if that one server is only there to help manage hybrid Active Directory. The panel discussed what you can do natively and what Quest customers can do with their Change Auditor and Enterprise Reporter solutions to investigate and stop attacks.  

You’ll hear from Exchange Server Microsoft Certified Master and MVP Jeff Guillet, Microsoft Certified Solutions Master and MVP Michael Van Horenbeeck (a.k.a. Mr. Van Hybrid), Microsoft MVP Paul Robichaux, and CISSP and Quest solutions expert Bryan Patton. 

If you missed this panel discussion, make sure to join us on Thursday, March 18 for our upcoming webcast ‘Exchange Server Exploits: Why Email is More Secure and How to Finally Move

Jeff Guillet, Exchange Server Microsoft Certified Master and Microsoft MVP, Founder of EXPTA Consulting 

Founder of EXPTA Consulting, a technology consulting company and Microsoft Partner based in the San Francisco Bay Area specializing in on-premises and cloud solutions. Microsoft Certified Solutions Master, Exchange MVP, author, blogger, and Principal Systems Architect. Jeff holds Exchange Microsoft Certified Master, MCITP:Enterprise Administrator, MCITP:Enterprise Messaging Administrator, MCITP:Lync Server Administrator, MCITP:Virtualization Adminstrator, MCSE:Messaging and CISSP certifications.  

Jeff is the author of The EXPTA {blog}, as well as a speaker, published author, contributing writer, and technical editor for more than a dozen technical books and other publications. He frequently speaks at Microsoft Ignite, TechEd, and IT Dev Connections conferences. 

Michael Van Horenbeeck, Microsoft Certified Solutions Master (MCSM) and Office Servers & Services MVP, Independent Consultant 

Michael Van Horenbeeck is an independent consultant he has helped customers all over the world to design, implement, and migrate to Exchange and Office 365. He is a dynamic tech enthusiast, specializes in a variety of Microsoft technologies including Office 365, Exchange and (Azure) Active Directory and is highly skilled in all things hybrid –that is how he got his nickname “Van Hybrid”. Besides writing about technology for a variety of tech websites, Michael co-authored several books including the first four editions of ‘Office 365 for IT Pros’ e-book with Tony Redmond and Paul Cunningham. Michael also loves to talk about technology and regularly speaks at various conferences like Microsoft TechEd, Ignite and IT/DEV Connection. 

Paul Robichaux, Microsoft Office Apps & Services MVP, Sr. Director of Product Management, Quest Software 

Paul Robichaux, an Office Apps and Services MVP since 2002, leads product development for the Microsoft Platform Management group at Quest, the world leader in Office 365 migration, automation, reporting, and security products. Paul’s unique background includes stints writing Space Shuttle payload software in FORTRAN, developing cryptographic software for the US National Security Agency, helping giant companies deploy Office 365 to their worldwide users, and writing about and presenting on Microsoft’s software and server products. 

Bryan Patton, CISSP, Principal Strategic Systems Consultant, Quest Software 

Bryan Patton has helped customers shape their Microsoft environments for the last 20 years as a Principal Strategic Consultant for Quest Software. With particular emphasis on Active Directory and Office 365 environments, Bryan specializes in Identity and Access Management, Data Governance, Migration, and Security, including Certified Information Systems Security Professional (CISSP) certification. 

Watch on demand here

About the Author

Jennifer LuPiba

Jennifer LuPiba is the Chair of the Quest Software Customer Advisory Board, engaging with and capturing the voice of the customer in such areas as cybersecurity, disaster recovery, management and the impact of mergers and acquisitions on Microsoft 365, Azure Active Directory and on-prem Active Directory. She also writes thought leadership articles and blogs aimed at the c-suite to evangelize the importance of these areas to their overall business. She chairs The Experts Conference, a yearly event focused on pure AD and Office 365 training at the 300 and 400 level for the boots-on-the-ground Microsoft admins and managers.

Leave a Reply