Azure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it...
I have my lab in Azure, where I run about 10 virtual servers with Windows 10 and Windows Server. And there is also one web server running Ubuntu 18.04. So far I have handled updates manually, so I had to log on to all servers, check for updates, install updates, restart. But Azure Update Management […]Lukas Beran
For Azure AD Connect synchronized domains, I find it quite common that a customer sets up the synchronization itself, but does not read documentation describing the preparation before deploying Azure AD Connect. This usually results in using a local domain in the local Active Directory (the .local domain) and does not have a publicly [...]Lukas Beran
Office 365 offers eDiscovery, which is the search for information across the tenant. This enables selected users to search virtually all the data in Office 365, which means, for example, user mailboxes. This is useful when it is necessary, for example, to search for some information for a courtroom. For some larger organizations, [...]Lukas Beran
Meltdown security issue (CVE-2017-5754) applies to all Intel processors since 1995, except for older Intel Atom processors and Itanium processors. This processor error causes ability to read privileged memory, which is a very significant security risk. Second security issue Specter (CVE-2017-5753 and CVE-2017-5715) applies to all Intel, [...]Lukas Beran
DMARC is together with SPF and DKIM another technology protecting you against phishing and spoofing. Implementing DMARC with SPF and DKIM provides additional layer of protection. This validation uses DNS records where are specified mail servers authorized for sending emails from your domain. Differences between SPF and DMARC The [...]Lukas Beran