The wonderful people at Netwrix have asked me to join their panel discussion on Microsoft Copilot readiness. In this online webinar we plan to discuss data discovery, data classification and access control with the help of Artificial Intelligence. About the webinar With Microsoft 365 services like SharePoint, Teams, and OneDrive generating and storing vast … Continue reading "Get all your Microsoft Copilot data readiness questions answered by Netwrix and me in our upcoming panel discussion"
Category: Recommended Practices
Recommended Practices
How to get the redirected URI for a go.microsoft.com/fwlink address
In today’s Zero Trust networking scenarios, many organizations opt to only allow specific web locations to be accessible to their systems. This is problematic with addresses that act as redirect locations to actual web locations, because the actual web location needs to be allowlisted in the firewall to be accessible. Common scenarios A common … Continue reading "How to get the redirected URI for a go.microsoft.com/fwlink address"
Join Raymond and me as we discuss “UnOauthorized” with Eric Woodruff
Birds of a feather flock together. So, when fellow Security MVP and Identity nerd Eric Woodruff visited our home country, Raymond Comvalius and I didn’t hesitate to offer him a pancake ‘breakfast’ to chat about all things Entra. Lunch and a laid-back conversation on Raymond’s couch unearthed some valuable discussion for us Identity & Security … Continue reading "Join Raymond and me as we discuss “UnOauthorized” with Eric Woodruff"
The video of my session on Backing up and Restoring Virtual Domain Controllers for the Dutch Veeam User Group Meetup is now available
On Tuesday March 19th, I presented a 20-minute session on backing up and restoring virtual Domain Controllers as part of the Veeam User Group Netherlands Meetup. My goal was to offer four tips and tricks to get in to a zen state as an Active Directory admin when worrying about backing up and restoring virtual … Continue reading "The video of my session on Backing up and Restoring Virtual Domain Controllers for the Dutch Veeam User Group Meetup is now available"
Join us for a Webinar on Securing and Monitoring Active Directory
On Tuesday June 6th, 2023, I will be presenting a free 60-minute webinar on Active Directory, together with Jay Gundotra of ENow fame. About this webinar Many large organizations use Active Directory as their primary Identity and Access Management (IAM) solution, synchronizing objects to Azure AD from there. Other organizations keep Active Directory around … Continue reading "Join us for a Webinar on Securing and Monitoring Active Directory"
Join me for my Tech Talk at VeeamON 2023 in Miami
I'm excited to announce that I will be hosting one of the Tech Talks at VeeamON in Miami this year. About VeeamON VeeamON is Veeam's yearly community event tailored for Data Recovery experts. Just like other conferences, it offers technical sessions. However VeeamON also features celebrations, LabWarz, a playground and the community hub to … Continue reading "Join me for my Tech Talk at VeeamON 2023 in Miami"
Best Active Directory Monitoring tool
Today, Active Directory is still the cornerstone of most networking infrastructure environments. In Hybrid Identity environments, where on-premises Active Directory is coupled with Azure AD, the reliance on Active Directory is enormous. In these environments, the answers to the question ‘What if something would happen to Active Directory?’ range from ‘Everything goes down’ to ‘Game … Continue reading "Best Active Directory Monitoring tool"
You're invited to the IT-University Masterclass – Adequately Securing Active Directory
On February 6th, 2023, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on a topic that is close to my heart: Active Directory. Active Directory has captivated the hearts of adversaries. Some ransomware gangs just simply lose interest want the device of a potential victim … Continue reading "You're invited to the IT-University Masterclass – Adequately Securing Active Directory"
TODO: Upgrade the Certificates for your Windows Server 2016-based Domain Controllers (and up) to enable Windows Hello for Business Hybrid Scenarios
While many Active Directory environments use the default settings from 2003, other environments have adapted to enable new functionality, like Windows Hello for Business. To do so, the default Domain Controllers certificates and certificate templates need to be replaced, as they do not fulfill all of the requirements set out for them. This blogpost shows … Continue reading "TODO: Upgrade the Certificates for your Windows Server 2016-based Domain Controllers (and up) to enable Windows Hello for Business Hybrid Scenarios"
A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise
On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant. About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"