Autopilot for pre-provisioned deployment and the lost Azure AD Join

This blog will be about an Autopilot White Gloved device that ended up in Intune but without an Azure AD Join, even though it showed us a nice green screen before sealing it! This blog is a work in progress, so it will be updated daily! I will divide this blog into multiple parts: Introduction; The Issue; TRYING to solve it!; Azure AD and Intune Device certificate; The Device Certificate and White Glove; Back to the Issue; Fixing it Manually for…

Honeypot: The Last Reconnaissance

After reading this fantastic article on the TechNet Community about the Attack Kill Chain, I realized I still needed to get this blog out. This blog will be about how you could set up some simple honeypot detections by creating some canary accounts to make sure you are protected against some insider threats. I am going to divide this blog into multiple parts: 1. Introduction 2. Honeypot document 3. Creating the document 4. Logging with alert policies 5. Logging with MCAS policies 6. Results 1. Introduction Making…

Godfather of Logging

After reading a question on (yes I know) a Facebook group about how to monitor AppLocker on AADJ devices, I realised I didn’t have a blog about this topic… So here we go! In this blog, I am going to show you why you could use Azure Log Analytics as a basic AppLocker monitoring solution and of course how to set it up step by step. I am going to divide this blog into multiple parts: What is Azure Log Analytics…

Endpoint & Security, The Curse of the Were-Applocker

This blog will be all about the Endpoint Security series blogs I have written until now and why. If you haven’t read my blogs about it, please do! I am going to divide this blog into multiple parts: 1. Why? 2. What’s inside the Endpoint Security Suite? 3. Attack Surface Reduction 4. What’s missing in the Endpoint Security suite? 1. Why? Some time ago I needed to configure Application Guard for a customer, but I noticed there wasn’t any really good, useful information available… only…
