The Hierarchy of Cyber Needs

Hi, The Captain here from Microsoft Enterprise Cybersecurity Group's Global Incident Response and Recovery team.  The kind curators of the Platforms PFE blog invited me to share some thoughts about building a strong security foundation in your enterprise. It takes a lot of time, effort, expertise and money to protect an enterprise network against today’s…


Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

Hi, Jessica Paynefrom Microsoft Enterprise Cybersecurity Group's Global Incident Response and Recovery team guest starring on the Platforms PFE blog today. Credential theft is a major problem in the security landscape today. Matching local administrator passwords in an environment often contribute to that problem and are a popular target for bad guys. Far more than…


Speaking in Ciphers and other Enigmatic tongues…update!

Hi! Jim Tierney here again to talk to you about Cryptographic Algorithms, SCHANNEL and other bits of wonderment. My original post on the topic has gone through a rewrite to bring you up to date on recent changes in this space. So, your company purchases…(read more)


We Must Fundamentally Transform Our Approach to Security

This week, we have a different style of article.  In this post, folks step back and look at "big picture" strategy rather than the technical/tactical details of IT operations.  This broadly collaborative effort about Identity and Security was developed over a long period of time with input from many people across MCS, PFE and the Cybersecurity groups…


Mailbag: Opening Day (Issue #10)

  Hey y’all Mark and Tom here. Bet you thought we’d miss this week too.  We’ve been a bit busy over here so that would mostly explain it. That and I’m in two fantasy baseball leagues this year. My nerdiness extends into sports as well thank you very much. Tom was doing something nerdy as…


SHA-1 Deprecation and Changing the Root CA’s Hash Algorithm

Hi, Rick Sasser here, with what was intended to be a quick blurb on security that back references one of my original posts on Choosing a Hash and Encryption Algorithm for a new PKI? and somehow turned out to be the labor equivalent of about a week, counting everyone who chipped in on it, and…


Common Troubleshooting Issues Encountered When Configuring MBAM 2.5

Hey! Bill Spears here. I'm a Microsoft Premier Field Engineer based in North Carolina and I specialize primarily in Windows Deployment and Client technologies. After completing many MBAM deployments and helping a client or two troubleshoot various MBAM setup issues, I wanted to share some of the most common things that I run into on…


Guidance on Deployment of MS15-011 and MS15-014

Hi, my name is Keith Brewer and many of you will know of me from my other Active Directory related posts. A few folks have recently approached me about the recent security updates (The other week we released MS15-011 & MS15-014). Most of the questions were general in nature but a few were specifically in…


KRBTGT Reset Script Now Available at the Script Gallery

Tom here with a quick Friday update… Here's something that we hope you'll never need, but has become an unfortunate necessity. Jared Poeppelman, one of our colleagues over in Microsoft Consulting Services has built and tested a great PowerShell script for resetting your KRBTGT password. You can find the post covering the topic over at the…


The Most Popular Posts of 2014

Hey y’all, Mark back again to help close out another successful year of blogging. We’ve been at this for three years, which feels insanely long as well as feeling like this just started up a few weeks ago, which is weird. Trust me. We want to thank you the reader again for sticking with us…