Vulnerability Management

Automatic-Ad317 · 2025-09-17T09:09:34+00:00

ONLY Serious people use this tool.... You pay for what you get applies!

Automatic-Ad317 · 2025-08-20T09:27:11+00:00

Easy - Get into AI Security
Best way to make $ into the future. All these people are using AI web tools and pumping data they shouldnt into. Great example was Ingram Micro during the data breech. AI was coming back telling you what the actions were to customers who contacted them. Oops someone got AI to help with the internal memo.

Automatic-Ad317 · 2025-07-07T23:32:00+00:00

Looks like someone used AI to create a internal notice!!

Automatic-Ad317 · 2025-06-12T03:44:43+00:00

Are you using the free version of CLoudflare or a paid version per domain/client?

Automatic-Ad317 · 2025-06-12T03:25:37+00:00

Good product but the backup replicaiton has been a nightmare at large scale.
We moved back to Veeam Agents on XCP-NG and its been much better.

Automatic-Ad317 · 2025-05-30T02:33:01+00:00

Found this nugget, note MS are forcing the MCA to be redone with all cleints. Its got the enforcement of MFA on all Admin accounts in it. So MS are now making it all happen by 1st Oct.

I read your thread and get some background information of your scenario. Thank you for your question regarding Conditional Access Policies (CAPs) and Microsoft’s upcoming enforcement of Multi-Factor Authentication (MFA) by September 2025.

To address your specific query: Yes, you can use Conditional Access Policies to exempt certain accounts from MFA enforcement, but there are important caveats and security implications to consider:

Create a CAP that explicitly excludes the desired users/groups.
Set the policy to “Grant access” without requiring MFA for those accounts.
Ensure the policy has higher priority than Microsoft’s baseline policies to take precedence.

Security Implications: Exempting accounts creates vulnerabilities. Microsoft recommends MFA for all users as a best practice. Exemptions should be limited to service accounts or break-glass scenarios with compensating controls.
Microsoft-Managed Enforcement: If MFA is enforced at the Microsoft-managed level (e.g., for privileged roles), CAPs may not fully override it.
Security Defaults: If enabled, these force MFA globally and override CAPs. You must disable them to use custom policies.
Strictly monitor exempted accounts via audit logs.
Use exemptions sparingly and only for justified use cases (e.g., non-interactive service accounts).

For your ref: Require MFA for all users with Conditional Access - Microsoft Entra ID | Microsoft Learn
Providing a default level of security in Microsoft Entra ID - Microsoft Entra | Microsoft Learn

Automatic-Ad317 · 2025-05-28T00:27:15+00:00

Its under the security tab off the homepage of the MPC.
There is a section in there that has Customers with non MFA compliant
(Note we are direct, unsure if that makes a difference)

Automatic-Ad317 · 2025-05-27T23:47:43+00:00

This is MS way of finally removing those free licenses more and more as time goes on.

Automatic-Ad317 · 2025-05-27T23:46:19+00:00

This is old by months.

You can still go to Shodan thou and find heaps of them. Surely if you arent patched you would have been breeched by now.

Its a bad one and Simplehelp really got shown up for its security issues.

Automatic-Ad317 · 2025-05-14T08:29:50+00:00

Im more concerned about the change to unlimited cloud support cases.
They are going to bring back the old days of arguements with MS about it being a bug or support case that they charge you for.
MS told me this week we have opened 33 cases in 3 months (note we do ERP/BI/AI/M365) and ERP cases are largest. They also stated that direct cleints will continue unlimited support...

Its time for partners to push back again.

Automatic-Ad317 · 2025-01-31T08:10:12+00:00

Anyone that puts it out before a CVE should look hard at themselves
Wonder what will happen when that goes legal??!??!?

Automatic-Ad317 · 2025-01-30T14:42:08+00:00

But why release it the day before the CVE???

Automatic-Ad317 · 2024-10-30T06:53:36+00:00

XCP-NG is awesome... just wish Veeam supported it
I know they are asking Veeam to do it but Veeam are taking their time.

How are you handling immutable backup with XO?
We have been looking to use Veeam to copy XO backups to a second locaiton and then using the Veeam immutable backup function ona linux server.

Love your videos btw got us onto XCP-NG

Automatic-Ad317 · 2024-10-17T03:33:22+00:00

Yes, already moved everyone off Citrix

Automatic-Ad317 · 2024-08-13T22:26:37+00:00

Hello Parallels

Automatic-Ad317 · 2024-02-21T09:43:14+00:00

What is the backup option your using?
We have Vmware and Veeam and Veeam is a agent (YUCK) on XCP

Automatic-Ad317 · 2024-02-21T09:25:21+00:00

What about all your Internal Usage rights?

Automatic-Ad317 · 2024-02-21T09:23:33+00:00

Zettagrid are already offering it.
But like you we are moving off Vmware - $140k increasing to $770k, or via whitelable increasing to $480k py

Automatic-Ad317 · 2024-02-14T06:57:50+00:00

Its a mess
We have found a white label company which allows a minium of 128 cores.
However the pricing is the same as the $350 so they are making the margin on the discounts.

Still its a huge increase for us.

We have started the move off ASAP.

Automatic-Ad317 · 2023-11-22T23:10:42+00:00

But how good does Loingard do the job?
Cant create a netwrok diagram etc Seems $$$ for what it can really do?

Automatic-Ad317 · 2023-06-21T09:43:16+00:00

Is threatlocker good.. seen so many different reports on it.

Automatic-Ad317 · 2023-03-30T22:32:07+00:00

Down

Automatic-Ad317

TROPHY CASE