ESC15 Vulnerability: Identifying and Protecting Your AD CS PKI
October 17, 2024
[blog]
The authority on identity and security in Microsoft
Does securing your business keep you up at night? Sleep better staying in the know – read our experts’ unique takes on trends in cybersecurity.
There are a few key terms that are critical when understanding and deploying Microsoft Information Protection (MIP). For example, sensitivity labels give you a way to classify and protect data [...]
In Part 3 of this blog series, we discuss some other important considerations when taking this approach to automation. [...]
Part 2 of this blog series gets into the details of how to create and configure an app registration for use with an automated PowerShell script. [...]
Automation is a fundamental requirement for good systems administration, no matter what the platform. Being able to automate tasks ensures consistency and prevents mistakes caused by forgetfulness or by simply [...]
Migrating your Active Directory Federation Services (AD FS) integrated SaaS applications to Azure Active Directory (Azure AD) provides many benefits. For example, Azure AD B2B lets you give your business [...]
Do you know how to protect organizational data on mobile devices without affecting personal data? Are you aware of the policies required to implement a strong foundation for protecting your [...]
One of the most important security controls in an Active Directory (AD) forest is the prevention of privilege escalation paths. The tiered access model for AD introduces a significant number [...]
The workstation an administrator uses to perform privileged tasks such as managing Active Directory (AD) is a high-value target for a potential adversary. By providing administrators with a clean keyboard, [...]
Strong identity management practices are critical if you want to be able to adequately secure your Microsoft Azure subscriptions. For most organizations, the foundation begins with your on-premises Active Directory [...]
Ensuring that your user identities are protected from modern attack vectors such as phishing schemes and credential leaks should be a critical part of your enterprise security strategy. When attackers [...]
Passwords are an insecure authentication mechanism. They are often easily guessed, and the computing power necessary to crack passwords is readily available. Although many organizations have the goal of switching to an entirely password-less authentication system, most companies cannot do [...]
We’re frequently asked how to enable compliance notifications for devices enrolled in Microsoft Intune. Although this task isn’t difficult, there are numerous ways to easily misconfigure it. The basic requirements [...]