Windows Domain Hardening

Great list of domain-hardening ideas here:

> Awesome Windows Domain Hardening. A curated list of awesome Security Hardening techniques for Windows, by @PaulWebSec [https://twitter.com/PaulWebSec?ref_src=twsrc%5Etfw] https://t.co/XLlqLjMWKV
> — DirectoryRanger (@DirectoryRanger) June 17, 2019 [https://twitter.com/DirectoryRanger/status/1140597140831506433?ref_src=twsrc%5Etfw]

PaulSec/awesome-windows-domain-hardening: A curated list of awesome Security Hardening techniques for Windows. - PaulSec/awe…


Manage emergency access accounts in Azure AD

Manage emergency access admin accounts - Azure AD: This article describes how to use emergency access accounts to help prevent being inadvertently locked out of your Azure Active Directory (Azure AD) organization. Microsoft Docs, markwahl-msft [https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-emergency-access]…


Malware by domain admin

Great thread here about security and event logging.

> If you want to stop an attacker from installing malware or placing a web shell on your Exchange server, you probably should start with ensuring service accounts and admins who have admin on those servers don’t log in to easily phished desktop class systems.
> — Jessica Payne (@jepayneMSFT) May 9, 2019 [https://twitter.com/jepayneMSFT/status/1126529038913163264?ref_src=twsrc%5Etfw]

> If you want to see if a domain admin has logged in somewhere…


@MalwareJake: Windows Event Logging

Great thread here about logging:

> Perhaps the single most important thing you can do to prepare for an incident is to increase Windows event logging. Turn on process auditing, PowerShell logging, and dramatically increase the size of the event logs. Disk space is cheap, use it.
> — Jake Williams (@MalwareJake) May 8, 2019 [https://twitter.com/MalwareJake/status/1126075545547100160?ref_src=twsrc%5Etfw]…
