Joined September 2009
Pinned Tweet
New blog post: Windows 11 security - a first look You have heard about the TPM requirement. In this post, I talk about the background and give a high-level overview on hardening capabilities in #Windows11. #WindowsInsider @windowsinsider #Microsoft chrisonsecurity.net/2021/07/…

chrisonsecurity retweeted
#PingCastle 3.0 released !!! pingcastle.com/download/ Active Directory & AzureAD security health check in seconds >200k AD audited, management readable, no install, no admin, no data sent "to a cloud" Example of report: pingcastle.com/PingCastleFil… github: github.com/vletoux/pingcastl…
I use(d) Twitter for two things:
1. as some sort of RSS feed for tech news
2. to stay in touch with the infosec community
For the latter I can say that I really love the energy over at Mastodon, so naturally I also joined: infosec.exchange/@ChrisOnSec… See you there!
chrisonsecurity retweeted
23 Oct 2022

chrisonsecurity retweeted
For any #Microsoft365Security analysts out there, we've published addons.mozilla.org/addon/zip… to password-protect your #Malware downloads through the #LiveResponse sessions 🪲 A standard feature one could have said... #infected #zip
chrisonsecurity retweeted
The definitive reference of changes between Win10 and Win11! Huge thanks to @bunsofwrath12 for taking on this documentation effort for the #DFIR community >> Windows 10 vs. Windows 11, What Has Changed? giac.org/research-papers/win… a repo of raw artifacts: github.com/AndrewRathbun/SAN…
chrisonsecurity retweeted
26 Aug 2022
Aug. 2022 update of ~80 Defender for Endpoint features by OS. Updates:
• Available in Excel (biggest request)
• New vulnerability management capabilities
• Improvements to macOS, Linux, iOS, and Android features
• Loads more
Feedback welcomed! campbell.scot/mde-comparison…
chrisonsecurity retweeted
Sysmon 14.0 has just been released by @Sysinternals. Sporting a new feature that will now allow it to start having prevention features. The new Event ID is 27 and is called FileBlockExecutable. I've written a short blog with some more details. medium.com/@olafhartong/sysm… #sysmon
chrisonsecurity retweeted
How to get started with Microsoft Defender Threat Intelligence (MDTI) 👉bit.ly/3zDh85k MDT premium license is needed for all features but without a license, you can login to the portal and access for free Defender TI offering

chrisonsecurity retweeted
3 Aug 2022
The #BloodHoundEnterprise is proud to announce the release of #BloodHound 4.2: The Azure Refactor! This is a HUGE release. Get all the details in this blog post: posts.specterops.io/1cff7349…
chrisonsecurity retweeted
Have you checked out all the new learning resources for the entire Microsoft 365 Defender suite of products in our new learning portal? docs.microsoft.com/en-us/lea…
chrisonsecurity retweeted
Hey all #passwordless friends! Excited to share that Multiple Passwordless Phone sign-in accounts on one iOS device is now in public preview! Check out below for more details. docs.microsoft.com/en-us/azu…

Struggled for 2 days until I found out why I was unable to change the user scope of my CA policies: if you just select (1) the policy won't save the change unless you also select (2). That happened automatically previously. #ConditionalAccess #AzureAD
Yes, it makes sense that way. Just shows how you perform an action out of habit and you suddenly have delays in multiple projects.
„How do I know if I have WIP enabled on my devices?“ I think if you implemented WIP you remember the pain. techcommunity.microsoft.com/…

chrisonsecurity retweeted
chrisonsecurity retweeted
I’m over the moon to help launch Microsoft Entra, our new family of Identity and Access solutions that includes Azure AD, Entra Permissions Management (previously CloudKnox), Entra Verified ID and a new simplified admin portal experience microsoft.com/security/blog/…
chrisonsecurity retweeted
Our security expert @ChrisOnSecurity explains how vulnerable Azure AD is to MFA spamming and how organizations can still use MFA in more secure configurations. eu1.hubs.ly/y0-1mH0 #security #azuread #ActiveDirectory #mfa #ITsecurity #zerotrust

chrisonsecurity retweeted
16 May 2022
Did you know you can populate Administrative Units in Azure AD based on a user's on-premises OU? You can now key off of the onPremisesDistinguishedName property of a user to add them to an AU:
chrisonsecurity retweeted
Happy to share we've decreased false positives for impossible travel alerts by up to 75% across Defender for Cloud Apps and M365 Defender techcommunity.microsoft.com/…