If you’re like many organizations, you’re utilizing the power of Microsoft Excel and probably some Microsoft Word too. Your policies are word documents saved in PDF format. Your tracking of compliance and gap analysis, and maybe even a Plan of Actions & Milestones (POA&M), if you’re really fancy, is across several spreadsheets.
Cybersecurity and Digital Threats Blog
Purchased Microsoft 365 E5, Now What?
The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas. The purchasing of E5 licensing means an organization now has unlocked a lot of Microsoft products and the common question seen afterwards is, “where do I start?” …
Indicators of Compromise: O365 Mailbox Forwarding and Rules
NOTE: This blog refers to several Microsoft products that require special licensing. Be sure to check your individual licensing to fully comprehend which features are available to you. Office 365 (O365) has become a recurring favorite and at times the main focus of common threat actors. Once credentials are compromised through tactics like phishing, it …
Password Changed, but Account Still Compromised?
NOTE: This article only relates to organizations with an on-premise Active Directory that sync passwords to Azure Active Directory. Have you ever come across an account where there was an indicator of compromise (IOC) and the account’s password was changed, but the compromise still continued? If not, you may have just been getting lucky in …
whoami
It is only fitting that a first blog post be all about me. The goal here though is to not be long-winded. So I will summarize the relevant bits that matter. As of the writing of this post, I am 30 years old and I live in Chicago, Illinois. The official title I currently hold …