🔒 Secure Bits 💡 𝗗𝗼 𝗬𝗼𝘂 𝗨𝘀𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀? Security Baselines are one of the 𝗺𝗼𝘀𝘁 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗰𝗼𝗻𝘁𝗿𝗼𝗹𝘀 for locking down your Windows infrastructure. They allow you to enforce a 𝗱𝗲𝗳𝗶𝗻𝗲𝗱 𝘀𝗲𝗰𝘂𝗿𝗲 𝘀𝘁𝗮𝘁𝗲 across your environment via Group Policy or Microsoft Intune—hundreds of settings, centrally managed. Microsoft provides free Security Baselines. Stricter ones exist too—often behind a paywall. Or you can build your own. (I break this down in detail inside my 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗖𝗼𝘂𝗿𝘀𝗲.) But here’s the catch: 𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗶𝗻𝗴 𝘁𝗵𝗲𝗺 𝗰𝗮𝗻 𝗯𝗿𝗲𝗮𝗸 𝘆𝗼𝘂𝗿 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁. 💡Why? Because most real-world environments still rely on 𝗼𝘂𝘁𝗱𝗮𝘁𝗲𝗱 𝗽𝗿𝗼𝘁𝗼𝗰𝗼𝗹𝘀 and 𝘄𝗲𝗮𝗸𝗲𝗿 𝗰𝗿𝘆𝗽𝘁𝗼 𝗮𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺𝘀 like: ▪️RC4 ▪️LM Hashes ▪️NTLM ▪️DES ▪️Older TLS versions ...and more. 🔒 And Security Baselines rightfully 𝗱𝗶𝘀𝗮𝗯𝗹𝗲 𝗮𝗹𝗹 𝗼𝗳 𝘁𝗵𝗲𝗺. ❓So how do you implement baselines safely? Treat it as a 𝗽𝗿𝗼𝗷𝗲𝗰𝘁, 𝗻𝗼𝘁 𝗮 𝗾𝘂𝗶𝗰𝗸 𝗳𝗶𝘅. Years of ignoring best practices can’t be reversed overnight. ✅ Use Microsoft’s 𝗣𝗼𝗹𝗶𝗰𝘆 𝗔𝗻𝗮𝗹𝘆𝘇𝗲𝗿 to: ▪️Compare your current configuration vs. the baseline ▪️Identify exactly what will change ▪️Assess potential impact to applications or services Even though it takes time and careful planning, 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 𝗮𝗿𝗲 𝘄𝗼𝗿𝘁𝗵 𝗶𝘁—they’re one of the strongest foundational measures in Windows security. 𝗛𝗮𝘃𝗲 𝘆𝗼𝘂 𝗶𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗲𝗱 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁? Drop a comment below—curious to see how others are tackling this 👇 #SecurityBaselines #Windows #ActiveDirectory #Cybersecurity @BlueTeamDave

🔎𝗙𝗿𝗼𝗺 𝘁𝗵𝗲 𝗙𝗶𝗲𝗹𝗱: Real-World Findings from Security Assessments 📌𝟴𝟲% of infrastructures I analyzed had 𝗻𝗼 𝗧𝗶𝗲𝗿𝗶𝗻𝗴 𝗠𝗼𝗱𝗲𝗹 𝗼𝗿 𝗔𝗰𝗰𝗲𝘀𝘀 𝗥𝗲𝘀𝘁𝗿𝗶𝗰𝘁𝗶𝗼𝗻𝘀 in place. This is a critical oversight — especially when attackers gain a foothold in your environment. 𝗛𝗲𝗿𝗲’𝘀 𝘄𝗵𝘆 𝘁𝗵𝗮𝘁 𝗺𝗮𝘁𝘁𝗲𝗿𝘀: 🚨 By default, Active Directory is too permissive ▪️ Privileged accounts can log in anywhere ▪️ There are escalation paths everywhere ▪️ Secrets get spread across the entire environment Without access restrictions, attackers don’t need zero-days — they just move laterally. 𝗪𝗵𝗮𝘁 𝗰𝗮𝗻 𝘆𝗼𝘂 𝗱𝗼? ✔ Implement a Tiering Model to control where privileged accounts can authenticate. ✔ Restrict access between tiers. ✔ Make secrets useless outside their designated tier. This is one of the most effective defenses in Active Directory — and it doesn’t rely on patching vulnerabilities. 🧠 I explain Tiering Models and how to implement Access Restrictions in my 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗰𝗼𝘂𝗿𝘀𝗲 — perfect if you want to secure your AD the right way. 🔐 Are you using a Tiering Model in your environment? #Windows #Cybersecurity #ActiveDirectory #SecurityBaselines @blueteamdave

🔒 Secure Bits 💡 𝗛𝗼𝘄 𝘁𝗼 𝘁𝗿𝗮𝗰𝗸 𝗡𝗧𝗟𝗠 𝘂𝘀𝗮𝗴𝗲 𝗯𝗲𝗳𝗼𝗿𝗲 𝗲𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴/𝗱𝗶𝘀𝗮𝗯𝗹𝗶𝗻𝗴 𝗶𝘁? NTLM is a legacy protocol that’s still hanging around in many environments — and it’s a 𝗽𝗼𝗽𝘂𝗹𝗮𝗿 𝘁𝗮𝗿𝗴𝗲𝘁 𝗳𝗼𝗿 𝗮𝘁𝘁𝗮𝗰𝗸𝗲𝗿𝘀. But enforcing strict NTLM restrictions without auditing first? 𝗧𝗵𝗮𝘁’𝘀 𝗮 𝗿𝗲𝗰𝗶𝗽𝗲 𝗳𝗼𝗿 𝗼𝘂𝘁𝗮𝗴𝗲𝘀. 𝗛𝗲𝗿𝗲’𝘀 𝗵𝗼𝘄 𝘁𝗼 𝗽𝗿𝗼𝗰𝗲𝗲𝗱 𝘁𝗵𝗲 𝗿𝗶𝗴𝗵𝘁 𝘄𝗮𝘆: 📌  𝗢𝗽𝘁𝗶𝗼𝗻 𝟭: 𝗘𝗻𝗮𝗯𝗹𝗲 𝗡𝗧𝗟𝗠 𝗔𝘂𝗱𝗶𝘁𝗶𝗻𝗴 Use these GPOs to track NTLM on the Domain Controller side: Security Settings\Local Policies\Security Options\ → Network security: Restrict NTLM: Audit incoming NTLM traffic → Network security: Restrict NTLM: Audit NTLM authentication in this domain ✅ These give you Event IDs: 𝟴𝟬𝟬𝟮, 𝟴𝟬𝟬𝟯, 𝗮𝗻𝗱 𝟴𝟬𝟬𝟰. This way you can track NTLM through your domain controllers - no need to collect 4624 on every device. ⚠️ 𝗗𝗿𝗮𝘄𝗯𝗮𝗰𝗸:  They don’t show 𝘄𝗵𝗶𝗰𝗵 𝗡𝗧𝗟𝗠 𝘃𝗲𝗿𝘀𝗶𝗼𝗻 is used — so they’re great for auditing overall NTLM usage, but not ideal for enforcing NTLMv2 only. 📌 𝗢𝗽𝘁𝗶𝗼𝗻 𝟮: 𝗖𝗼𝗹𝗹𝗲𝗰𝘁 𝟰𝟲𝟮𝟰 𝗟𝗼𝗴𝘀 𝗼𝗻 𝗮𝗹𝗹 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 Event ID 4624 logs on the machine where the user authenticates — this does 𝗶𝗻𝗰𝗹𝘂𝗱𝗲 𝘁𝗵𝗲 𝗡𝗧𝗟𝗠 𝘃𝗲𝗿𝘀𝗶𝗼𝗻 and it tells you if NTLMv1 or v2 was used — great for planning phased enforcement. Pair this with Event ID 4776 on DCs (less useful alone), and you’ll get the full picture. 📌 𝗢𝗽𝘁𝗶𝗼𝗻 𝟯: 𝗪𝗮𝘁𝗰𝗵 𝗳𝗼𝗿 𝗘𝗻𝗵𝗮𝗻𝗰𝗲𝗱 𝗡𝗧𝗟𝗠 𝗔𝘂𝗱𝗶𝘁𝗶𝗻𝗴 (𝗖𝗼𝗺𝗶𝗻𝗴 𝗦𝗼𝗼𝗻) A new NTLM auditing mode is on the way in Windows 11 24H2 and Windows Server 2025. This will finally log who, why, and where — 𝗱𝗶𝗿𝗲𝗰𝘁𝗹𝘆 𝗼𝗻 𝗗𝗼𝗺𝗮𝗶𝗻 𝗖𝗼𝗻𝘁𝗿𝗼𝗹𝗹𝗲𝗿𝘀 — 𝗮𝗻𝗱 𝗲𝘃𝗲𝗻 𝘀𝗵𝗼𝘄 𝘁𝗵𝗲 𝗡𝗧𝗟𝗠 𝘃𝗲𝗿𝘀𝗶𝗼𝗻. 🎯 It’s not fully rolled out yet, but GPO options are already appearing. 🧠 𝗧𝗮𝗸𝗲𝗮𝘄𝗮𝘆: → Start with auditing. → Find what’s still using NTLM, identify NTLMv1 accounts, and phase out usage safely. 💬 Are you planning to enforce NTLMv2 or eliminate NTLM entirely? #NTLM #ActiveDirectory #CyberSecurity #SecureBits #SecurityBaselines #BlueTeam #HorizonSecured @BlueTeamDave

🔒 Secure Bits 💡 𝗪𝗮𝗻𝘁 𝘁𝗼 𝗱𝗶𝘀𝗮𝗯𝗹𝗲 𝗥𝗖𝟰 𝗮𝗻𝗱 𝗲𝗻𝗳𝗼𝗿𝗰𝗲 𝗔𝗘𝗦 𝗶𝗻 𝗞𝗲𝗿𝗯𝗲𝗿𝗼𝘀? You should — but 𝗱𝗼𝗻’𝘁 𝗱𝗼 𝗶𝘁 𝗯𝗹𝗶𝗻𝗱𝗹𝘆. Enforcing strong authentication (like AES-only Kerberos) is an important part of 𝗺𝗼𝗱𝗲𝗿𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 — just like LDAP signing or NTLM hardening. But in older environments, RC4 is still widely used, and flipping the switch 𝗰𝗮𝗻 𝗯𝗿𝗲𝗮𝗸 𝘁𝗵𝗶𝗻𝗴𝘀 𝗳𝗮𝘀𝘁. 🛑 Don’t deploy security baselines without visibility first. 𝗛𝗲𝗿𝗲’𝘀 𝗵𝗼𝘄 𝘁𝗼 𝘀𝗮𝗳𝗲𝗹𝘆 𝘁𝗿𝗮𝗰𝗸 𝗞𝗲𝗿𝗯𝗲𝗿𝗼𝘀 𝗲𝗻𝗰𝗿𝘆𝗽𝘁𝗶𝗼𝗻 𝘂𝘀𝗮𝗴𝗲: 📝 𝗘𝗻𝗮𝗯𝗹𝗲 𝘁𝗵𝗲 𝗳𝗼𝗹𝗹𝗼𝘄𝗶𝗻𝗴 𝗮𝘂𝗱𝗶𝘁 𝗽𝗼𝗹𝗶𝗰𝗶𝗲𝘀: → Advanced Audit Policy Configuration\Account Logon ✔ Audit Kerberos Authentication Service ✔ Audit Kerberos Service Ticket Operations 𝗧𝗵𝗶𝘀 𝗲𝗻𝗮𝗯𝗹𝗲𝘀 𝗘𝘃𝗲𝗻𝘁 𝗜𝗗𝘀 𝟰𝟳𝟲𝟴 𝗮𝗻𝗱 𝟰𝟳𝟲𝟵, 𝘄𝗵𝗶𝗰𝗵 𝗹𝗼𝗴: 🔸 Ticket Encryption Type 🔸 Pre-Authentication Encryption Type 𝗔𝗻𝗱 𝘀𝗶𝗻𝗰𝗲 𝗝𝗮𝗻 𝟮𝟬𝟮𝟱 — 𝗲𝘅𝘁𝗿𝗮 𝗳𝗶𝗲𝗹𝗱𝘀 𝗹𝗶𝗸𝗲: 🔹 Advertised Etypes 🔹 Supported Encryption Types 🔹 Available Keys Once you see which accounts still rely on 𝗥𝗖𝟰, you can fix them — and safely enforce AES across the domain. ✅ Audit first. Enforce later. Break nothing. 📌 I’ll continue this series on real-world challenges when applying security baselines — and how to do it without breaking legacy systems. #Kerberos #RC4 #AES #SecurityBaselines #SecureBits #WindowsSecurity #ActiveDirectory #BlueTeam #HorizonSecured @BlueTeamDave

🔒 Secure Bits 💡 𝗛𝗼𝘄 𝘁𝗼 𝘁𝗿𝗮𝗰𝗸 𝗟𝗗𝗔𝗣 𝘀𝗶𝗴𝗻𝗶𝗻𝗴 𝗶𝗻 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝗯𝗲𝗳𝗼𝗿𝗲 𝗲𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝗶𝘁? When applying 𝘀𝘁𝗿𝗶𝗰𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀, enforcing LDAP signing is a common (and critical) step. It disables weak authentication methods like LDAP simple bind, which transmits credentials in plaintext and no signing allows MITM attacks. But if your infrastructure is older, 𝗲𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝗶𝘁 𝗼𝘂𝘁𝗿𝗶𝗴𝗵𝘁 𝗰𝗮𝗻 𝗯𝗿𝗲𝗮𝗸 𝘁𝗵𝗶𝗻𝗴𝘀. 💥 So before enforcement — 𝘁𝗿𝗮𝗰𝗸 𝘄𝗵𝗮𝘁’𝘀 𝘂𝘀𝗶𝗻𝗴 𝘂𝗻𝘀𝗶𝗴𝗻𝗲𝗱 𝗟𝗗𝗔𝗣. 𝗛𝗲𝗿𝗲’𝘀 𝗵𝗼𝘄: 📝 𝗦𝘁𝗲𝗽 𝟭 — 𝗖𝗵𝗲𝗰𝗸 𝗱𝗲𝗳𝗮𝘂𝗹𝘁 𝗹𝗼𝗴𝘀 Event ID 2887 in the Directory Service log reports unsigned LDAP attempts every 24 hours. But it’s vague. 🔍 𝗦𝘁𝗲𝗽 𝟮 — 𝗘𝗻𝗮𝗯𝗹𝗲 𝗱𝗲𝘁𝗮𝗶𝗹𝗲𝗱 𝗱𝗶𝗮𝗴𝗻𝗼𝘀𝘁𝗶𝗰𝘀 Registry path: HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics Set 16 LDAP Interface Events to 2 This gives you 𝗘𝘃𝗲𝗻𝘁 𝗜𝗗 𝟮𝟴𝟴𝟵, which shows exact clients using unsigned LDAP. ✅ Use this to find and fix legacy apps before enforcing LDAP Signing and disabling Simple Bind. 💡 𝗔𝘃𝗼𝗶𝗱 𝘁𝗵𝗲 “𝗲𝗻𝗳𝗼𝗿𝗰𝗲 → 𝗯𝗿𝗲𝗮𝗸 𝗲𝘃𝗲𝗿𝘆𝘁𝗵𝗶𝗻𝗴” scenario — audit first. 📌 In this series, I’ll be covering 𝗿𝗲𝗮𝗹-𝘄𝗼𝗿𝗹𝗱 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 𝗼𝗳 𝗮𝗽𝗽𝗹𝘆𝗶𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗯𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 — including the exceptions you sometimes must make to keep legacy infrastructure operational. Based on lessons from production environments. #LDAP #ActiveDirectory #CyberSecurity #SecureBits #SecurityBaselines #BlueTeam #HorizonSecured @BlueTeamDave

🔒 Secure Bits 💡 𝗗𝗼 𝗬𝗼𝘂 𝗨𝘀𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀? Security Baselines are one of the 𝗺𝗼𝘀𝘁 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗰𝗼𝗻𝘁𝗿𝗼𝗹𝘀 for locking down your Windows infrastructure. They allow you to enforce a 𝗱𝗲𝗳𝗶𝗻𝗲𝗱 𝘀𝗲𝗰𝘂𝗿𝗲 𝘀𝘁𝗮𝘁𝗲 across your environment via Group Policy or Microsoft Intune—hundreds of settings, centrally managed. Microsoft provides free Security Baselines. Stricter ones exist too—often behind a paywall. Or you can build your own. (I break this down in detail inside my 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗖𝗼𝘂𝗿𝘀𝗲.) But here’s the catch: 𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗶𝗻𝗴 𝘁𝗵𝗲𝗺 𝗰𝗮𝗻 𝗯𝗿𝗲𝗮𝗸 𝘆𝗼𝘂𝗿 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁. 💡Why? Because most real-world environments still rely on 𝗼𝘂𝘁𝗱𝗮𝘁𝗲𝗱 𝗽𝗿𝗼𝘁𝗼𝗰𝗼𝗹𝘀 and 𝘄𝗲𝗮𝗸𝗲𝗿 𝗰𝗿𝘆𝗽𝘁𝗼 𝗮𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺𝘀 like: ▪️RC4 ▪️LM Hashes ▪️NTLM ▪️DES ▪️Older TLS versions ...and more. 🔒 And Security Baselines rightfully 𝗱𝗶𝘀𝗮𝗯𝗹𝗲 𝗮𝗹𝗹 𝗼𝗳 𝘁𝗵𝗲𝗺. ❓So how do you implement baselines safely? Treat it as a 𝗽𝗿𝗼𝗷𝗲𝗰𝘁, 𝗻𝗼𝘁 𝗮 𝗾𝘂𝗶𝗰𝗸 𝗳𝗶𝘅. Years of ignoring best practices can’t be reversed overnight. ✅ Use Microsoft’s 𝗣𝗼𝗹𝗶𝗰𝘆 𝗔𝗻𝗮𝗹𝘆𝘇𝗲𝗿 to: ▪️Compare your current configuration vs. the baseline ▪️Identify exactly what will change ▪️Assess potential impact to applications or services Even though it takes time and careful planning, 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 𝗮𝗿𝗲 𝘄𝗼𝗿𝘁𝗵 𝗶𝘁—they’re one of the strongest foundational measures in Windows security. 𝗛𝗮𝘃𝗲 𝘆𝗼𝘂 𝗶𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗲𝗱 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁? Drop a comment below—curious to see how others are tackling this 👇 #SecurityBaselines #Windows #ActiveDirectory #Cybersecurity

Lock Down Your Windows Server: Easy Security with Microsoft's Secret Recipe! #SecurityBaselines #MicrosoftSecurity #WindowsServer #ITPro #CybersecurityTools #PowerShell

Microsoft's One-Line Security Fix: Lock Down Your Windows Server NOW! #SecurityBaselines #MicrosoftSecurity #WindowsServer #DomainController #MemberServer #Workgroup #Cybersecurity #SystemSecurity #ITSecurity #SecurityTools

🚀 Windows Server 2025: Simplified Drift Control and Security Baselines with OSConfig! 🚀 Imagine deploying a full security baseline to Windows Server 2025 in seconds, knowing it’s locked down and stays compliant. No GPO refreshes or manual tweaks required. Windows Server 2025’s new OSConfig feature introduces Declared Configuration for seamless baseline deployment and automatic drift control, putting compliance on autopilot. Are you curious about how OSConfig can transform your server management strategy? Join me as I explain this powerful new tool, which is set to change the game for configuration management! lnkd.in/ea48PYUj #WindowsServer2025 #OSConfig #DeclaredConfiguration #DriftControl #ConfigurationManagement #SecurityBaselines #Security #Intune #MSIntune #Windows #Windows11 #patchmypc

Have you ever received the “This App Has Been Blocked by Your System Administrator” message and thought, “Oh, it’s probably just AppLocker or some security policy.” patchmypc.com/this-app-has-b… But then you dive in, only to realize it’s like being stuck in a dense forest, with every tree representing a different policy blocking your path. Each step forward reveals another dead end: #AppLocker, #WDAC, #ConditionalAccess, and #SecurityBaselines… but none of them are the real culprit. It’s easy to feel lost, chasing shadows through layers of settings designed to keep you guessing. It’s not just a troubleshooting task anymore; it’s a full-blown mystery hunt! 🕵️‍♂️ Ultimately, the solution is often hidden in a place you’d never expect. Curious what’s really causing the block? Let’s shed some light on this forest of hidden settings together! 🔦 #Windows11 #Windows #Intune #MSIntune

What's the best way to compare and migrate the new #SecurityBaselines in #Intune? I tried using the following script from @mwbengtsson to compare but it's not picking up my new 23H2 policy: github.com/imabdk/Powershell… Trying to piece it together but PS isn't my top skill...

New video out! This time we have had the honor of having @lavanyal in the studio to talk about Settings Insights and Anomaly detection. Enjoy! youtube.com/watch?v=iU-7WHh3… #MSIntune #SecurityBaselines #Anomaly #MachineLearning #AI #MVPBuzz

📯📯📯 Save the date! The team is back with another session for our Portuguese-speaking customers! 🖥️ @Windows MDM | Part 3 | #Securitybaselines, #Antivirus, #Bitlocker, and #Windows Hello for Business! 📅 August 18, 2022 👉 Register here: aka.ms/MSPortugueseMEM/Regis… #MEMpowered

Having some fun with #securitybaselines #MEMpowered

Cybersecurity teams are racing to find #cyberattacks and threats. As attacks become more widespread, a possible solution to mitigating risk is finding the optimal way to deploy automation e.g. #ML, #AI and #securitybaselines continuitycentral.com/index.…

Well written and explained: How to update Security Baselines in Microsoft Intune to a newer version! Thanks for Sharing it. #Community #EnterpriseMobilitySecurity #Intune #MicrosoftEndpointManager #MSIntune #SecurityBaselines bit.ly/3JKmShw

Working on a blog series about #mem #securitybaselines and #automation. A lot of options discussed, how to deploy etc. Started with one post, now I have 4 titles already 😅

It's always recommended to use the newest #SecurityBaselines for #Windows. With 20H2 new #AttackSurfaceReductionRules and #BlockAtFirstSight recommended! #Defender #ASR #Windows10 loom.ly/IbIvoGw

Hope to see and help support everyone working with Microsoft tech on techcommunity.microsoft.com in 2021! #Windows10 #MicrosoftEndpointManager #MSIntune #UniversalPrint #SecurityBaselines

Not a good #ITPro day today. of course I use @MSIntune #SecurityBaselines and tried to create a recovery usb and a windows 10 usb. Got in a right mess before I realised default setting is not writing to unencrypted USB.... #Sigh #NeverStopLearning #WastedDay