Windows LAPS: Closing a Gap for Cloud-Native Device Management

1 TLDR;

Microsoft is releasing an Azure AD integrated, built-in LAPS agent to Windows 10 and Windows 11 that can be controlled by Intune.

1.1 Problem Statement

Migrating Windows endpoints to Intune-only management left gaps in controllable settings. An alternative for traditional Local Administrator Password Solution (LAPS) in an on-premises domain has been a primary…

The post Windows LAPS: Closing a Gap for Cloud-Native Device Management appeared first on TrustedSec.


Building a Strong Foundation With the Information Security Accelerator

Bottom Line Up Front

Common threats like malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions don’t have to spell disaster. Mid-market companies and small-to-medium businesses (SMBs) can cut through the confusion of how to build a solid security program. Our Information Security Accelerator service is designed to help your organization chart…


Hardening Backups Against Ransomware

Human-operated ransomware represents a unique challenge to backup infrastructures. Unlike in other scenarios, ransomware attackers specifically target and attempt to destroy backup systems to increase the likelihood that a victimized organization will pay the ransom. This threat requires a different approach to securing backup infrastructure.

The Old Ways Are Not Enough

Traditionally, enterprise backup infrastructures…


Update: The Defensive Security Strategy

Original post: https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/

Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are they occurring? While common issues are often leveraged, the mentality around them is…


Is Cyber Insurance Becoming Worthless?

New challenges have emerged that make it difficult to transfer risk.

Ransomware has changed the game

An overlooked yet increasingly important challenge in information risk management is finding the right balance between cybersecurity and cyber insurance. We continue to see organizations hit with ransomware from a variety of vectors, including spam emails, drive-by downloads,…


SolarWinds Backdoor (Sunburst) Incident Response Playbook

Over the last several days, TrustedSec has received queries on the best ways to contain, eradicate, and remediate the SolarWinds backdoor (aka #solarigate aka Sunburst). The TrustedSec Incident Response team has put together a playbook of recommended actions to provide some level of assurance that your organization is no longer affected by the backdoor. This…


Fear, Cybersecurity, and Right to Repair

Massachusetts is the latest state to grapple with Right to Repair legislation. A ballot question in the 2020 election asked the state’s voters to decide whether or not automobile manufacturers must make the telematics data collected by cars’ on-board computers available to independent repair shops. What seems like a debate over who can access the…


Making EDR Work for PCI

The Endpoint Detection & Response (EDR) and Advanced Threat Protection (ATP) marketplace is abuzz with products that blur the lines of personal firewall, host-based intrusion detection system (IDS) and intrusion prevention system (IPS), anti-virus, system logging, and file integrity monitoring (FIM). These solutions are centrally managed from your web browser and include advanced dashboards for…


Azure Automation – Getting Started With Desired State Configurations

Azure brings a lot of new tools and capabilities to the IT and Information Security toolbox. In fact, there are so many features that it can be overwhelming and difficult to understand when or how to use them. I believe that the revamp of Desired State Configuration (DSC) within Azure is one of these overlooked…


Using Azure to Address Endpoint Hygiene Management

Remote workers are set up, but endpoint management is still an issue

Setting up a remote workforce during the COVID-19 pandemic presented a huge challenge, especially trying to get so much done in such a short time frame. While getting extra Zoom licenses was likely pretty easy, there are more challenging issues surrounding remote sharing…
