Browsed by
Category: Privileged Access Workstation

This is the highest security configuration, designed for extremely sensitive roles that would have a significant or material impact on the organization if their account was compromised.

PAW: Love and Thunder

I guess after all the blogs I have written about Endpoint Security, I need to go talk about PAW/SAW, not to be mixed up with PAW Patrol or the SAW movies. Also, note… I am writing the second part of the TPM Happyness… and it will show you the undocumented flow with the Intel Tiger Lake chipset. I will divide this blog into multiple parts: Background information about PAW; Compliance Policies and Conditional Access; Hardening your Workstation; Removing Local…

Endpoint & Security, The Curse of the Were-Applocker

This blog will be all about the Endpoint Security series blogs I have written until now and why. If you haven’t read my blogs about it, please do! I am going to divide this blog into multiple parts:

1. Why?
2. What’s inside the Endpoint Security Suite?
3. Attack Surface Reduction
4. What’s missing in the Endpoint Security suite?

1. Why?

Some time ago I needed to configure Application Guard for a customer but I noticed there wasn’t any real good useful information available… only…

This is Network Protection: The sort of Sequel to Exploit Protection

This blog will be the 8th part in the Endpoint Security series and will be about Windows Defender Exploit Guard Network Protection (WDEG-NP). I will divide this blog into 6 parts:

1. Information about network protection and the requirements
2. Configure Microsoft Defender network protection (Smartscreen) for Edge
3. Configure Microsoft Smartscreen for Explorer
4. Configure Microsoft Smartscreen for Internet Explorer. NO! Just block IE!
5. Logging / Testing
6. Conclusion

1. Information about Network protection

Microsoft Defender Exploit Guard Network Protection (MDEG-NP) extends the malware and…

A walk among the Credential Guards

This blog is the ninth part of the Endpoint security series. It will be about implementing Credential Guard and some insights. While writing the blog I added some more important stuff. I will divide this blog into multiple parts:

1. Information about credential guard and his/her “predecessor”
2. Credential Guard vs Device Guard vs ASR Rules
3. Enable Credential Guard with Intune Endpoint Security
4. Enable Credential Guard with a CSP
5. Enable Credential Guard with PowerShell
6. What is Remote Credential Guard
7. The Problem
8. Results when credential Guard should be working
9. Testing Credential Guard with Mimikatz
10. Disabling Credential Guard
11. Conclusion

1. Information…
