by Alex Verboon
Okay there’s this rule , if you do something manually for the third time, it’s about time to think of automating it. Here’s a script that I created to create Group Policy Objects and import the security baseline settings. The Read More …
Back in May the Microsoft Defender Advanced Threat Protection team announced the availability of the Live response feature in MDATP. Today I took a closer look at this and thought I’d share my experiences and findings. What’s that live response Read More …
As a best practice you should have at least one or two emergency accounts in your Azure Active Directory. You would use these accounts in the event where due to a configuration mistake you inadvertently locked yourself out of the Read More …
if you need information on active TCP connections, you probably start with the netstat command When using the -b or -o parameter netstat will also list the executable involved in creating the process respectively the owing Process ID. The output Read More …
CIS-CAT stands for Center for internet Security Configuration Assessment Tool. The CIS-CAT tool is used to perform configuration and vulnerability assessments. The Pro version is only available to CIS members, however if you want to try out the software, you Read More …
Nowadays regular deployment of security updates is a must, whether at home or within the enterprise. If you are responsible to keep systems up to date you deploy the latest updates as soon as possible. But it is equally important Read More …
How to check if Control Flow Guard is enabled Control Flow Guard helps mitigate exploits that are based on flow between code locations in memory. Control Flow Guard (CFG) is a mitigation that requires no configuration within the operating system, Read More …
Hey there, the Internet Storm Center recently extended their Rest API with some features for Microsoft Patch Data. So where there is a REST API, there’s an opportunity for a PowerShell Script. The Get-IscMSSecBulletinInfo can be found here: https://github.com/alexverboon/posh/blob/master/Security/Get-IscMSSecBulletinInfo.ps1 Cheers Read More …
Many companies and individuals use the Microsoft Baseline Security Analyzer (MBSA) to assess the security state of their Windows Clients. But according to a statement from Microsoft in their August 2012 Security Bulletin, there are currently no plans to release Read More …
In addition to the Microsoft Security Essentials software and the Microsoft Safety Scanner Microsoft just recently released another FREE antimalware removal product called the Windows Defender Offline Beta. While Security Essentials and Safety Scanner run within Windows, the purpose of Read More …