Securing Credentials for Privileged Access

Hello, Paul Bergson back again. I have been on the road a bit more than normal doing security training/POC deliveries (POP-SLAM *1) for our customers related to Pass-the-Hash and credential protection. I have noticed an alarming trend in how credential protection is thought to resolve a customer’s credentials from being compromised. Enterprises that are…

AskPFEPlat Ask Me Anything-September 2016

UPDATE (9/26/2016 @ 10:45a ET): Thank you all for your participation in this AskPFEPlat Ask Me Anything Q&A blog session! We are ending active questioning at this time. Rest assured, if you have asked us questions and have not yet gotten a response, we are still working on it. Additionally, we would like to request feedback on…

AppLocker – Another Layer in the Defense in Depth Against Malware

Hello, Paul Bergson here with a discussion on Security, in particular utilizing Microsoft’s AppLocker to help prevent the infection of Malware. Ransomware has been getting a lot of attention. There have been several high profile attacks in the press over the past few months and Understanding the Risk is important. If people don’t understand the…

Preparing for DAC

Hello everyone. This is Randy Turner to share some insights learned with implementing Dynamic Access Control (DAC). There are numerous posts which I will share at the end to discuss the steps to implement all the features covered by DAC, but very little on how to adopt these changes. DAC is just an outcome from…

The Importance of KB2871997 and KB2928120 for Credential Protection

Hello, my name is Paul Bergson and this is my first time writing a blog for AskPFEPlat. I am a platforms PFE in the Premier division of Microsoft. If my name looks familiar, it could be because I spent about 10 years in TechNet’s Directory Service Forum as an MVP and Moderator (pbbergs). I wanted…

Secure Administrative Workstations

Hi All. This is Jerry Devore, a Midwest PFE, back after a long hiatus from blogging. If you thumb through the owner’s manual of your car you will find a maintenance schedule section. There you can see how often the manufacturer suggests you should change your engine oil, flush your radiator fluid and replace various filters. …

Resetting the Local Admin Name and Password for Azure ARM Virtual Machines with PowerShell

Hi there, this is JJ Streicher-Bremer, saying hello from Azureland. When one creates a virtual machine in the Azure portal a username and password are required. This username and password are used by the Azure fabric to configure the local administrator account on that virtual machine. I don’t know about you, but sometimes…

The Hierarchy of Cyber Needs

Hi, The Captain here from Microsoft Enterprise Cybersecurity Group's Global Incident Response and Recovery team. The kind curators of the Platforms PFE blog invited me to share some thoughts about building a strong security foundation in your enterprise. It takes a lot of time, effort, expertise and money to protect an enterprise network against today’s…

Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

Hi, Jessica Payne from Microsoft Enterprise Cybersecurity Group’s Global Incident Response and Recovery team guest starring on the Platforms PFE blog today. Credential theft is a major problem in the security landscape today. Matching local administrator passwords in an environment often contribute to that problem and are a popular target for bad guys. Far more…

We Must Fundamentally Transform Our Approach to Security

This week, we have a different style of article. In this post, folks step back and look at “big picture” strategy rather than the technical/tactical details of IT operations. This broadly collaborative effort about Identity and Security was developed over a long period of time with input from many people across MCS, PFE and the Cybersecurity groups…