Category: Endpoint Security Series

Endpoint & Security, The Curse of the Were-Applocker


This blog will be all about the Endpoint Security series blogs I have written until now and why. If you haven’t read my blogs about it please do! I am going to divide this blog into multiple parts:

1. Why?
2. What’s inside the Endpoint Security Suite?
3. Attack Surface Reduction
4. What’s missing in the Endpoint Security suite?

1. Why?

Some time ago I needed to configure Application Guard for a customer but I noticed there wasn’t any real good useful information available… only…


This is Network Protection: The sort of Sequel to Exploit Protection


This blog will be the 8th part in the Endpoint Security series and will be about Windows Defender Exploit Guard Network Protection (WDEG-NP). I will divide this blog into 6 parts:

1. Information about network protection and the requirements
2. Configure Microsoft Defender network protection (Smartscreen) for Edge
3. Configure Microsoft Smartscreen for Explorer
4. Configure Microsoft Smartscreen for Internet Explorer. NO! just block IE!
5. Logging / Testing
6. Conclusion

1. Information about Network protection

Microsoft Defender Exploit Guard Network Protection (MDEG-NP) extends the malware and…


A walk among the Credential Guards


This blog is the ninth part of the Endpoint security series. It will be about implementing Credential Guard and some insights. While writing the blog I added some more important stuff. I will divide this blog into multiple parts:

1. Information about credential guard and his/her “predecessor”
2. Credential Guard vs Device Guard vs ASR Rules
3. Enable Credential Guard with Intune Endpoint Security
4. Enable Credential Guard with a CSP
5. Enable Credential Guard with PowerShell
6. What is Remote Credential Guard
7. The Problem
8. Results when credential Guard should be working
9. Testing Credential Guard with Mimikatz
10. Disabling Credential Guard
11. Conclusion

1. Information…


O Removable Storage, Where Art Thou?


I guess it’s time for the sixth part of the Endpoint Security Series. This time I will walk you through what Microsoft Defender Device Control is, how to configure it in Intune and how it works. I will divide this blog into 8 parts: Information about device control. Configuring Device Control in Intune Results of Blocking Specific Hardware Results of preventing Write Access Removable Storage Deploy printer protection on Windows Digger deeper Logging Removing/Changing the policy Conclusion

1. Information about device control

Microsoft Defender for…
