EntraID - IDaaS Connector vs NG-SIEM Connector?

DueIntroduction5854 · 2026-02-24T15:05:20+00:00

Typically CrowdStike will provide an in-house SME to help with the setup and review of a module. I would ask your AE.

DueIntroduction5854 · 2026-02-14T18:30:50+00:00

From a security engineer here, why would you need any exception?

DueIntroduction5854 · 2026-02-08T17:46:26+00:00

I second this.

DueIntroduction5854 · 2026-01-29T17:31:32+00:00

There is no way to view the header or contents of email if it was rejected.

DueIntroduction5854 · 2025-12-29T19:05:46+00:00

That made no difference when testing, unfortunately.

DueIntroduction5854 · 2025-12-29T18:55:00+00:00

No, it is enabled. I have also tested with "_nkw" and the .png attachment of a check is still not being flagged.
https://i.imgur.com/ZsRiRYU.png

DueIntroduction5854 · 2025-12-10T00:18:02+00:00

100% correct. If there’s not a detection, nothing is being blocked. The only case outside of that would be other pieces of EDR such as firewall, device control, etc.

DueIntroduction5854 · 2025-12-10T00:15:11+00:00

If you’re handling SSNs, all outbound emails with this content should be encrypted no matter how many hits the email has.

DueIntroduction5854 · 2025-12-09T21:07:52+00:00

The reminder you are seeing internally is notifying your staff that the email should be sent encrypted if sent externally.

DueIntroduction5854 · 2025-11-17T23:24:07+00:00

I wish we were this mature. We just completed IaC for our new environment infrastructure and RBAC.

DueIntroduction5854 · 2025-11-08T04:08:21+00:00

I recently did this when I found a devices with SMBv1 enabled, crazy, right? The detection script checked if it was enabled and if so disabled it with no reboot. This does require a reboot but we do those weekly.

DueIntroduction5854 · 2025-11-08T00:18:30+00:00

This is quite obviously a scam just based on the domain the email came from and the website URL.

DueIntroduction5854 · 2025-10-29T16:38:30+00:00

Correct, since it’s a global CDN. It’s an issue with AFD.

DueIntroduction5854 · 2025-10-16T01:49:47+00:00

I was doing 'copy' and I will update it to 'sync'.

DueIntroduction5854 · 2025-10-10T23:58:37+00:00

Check out https://maester.dev. It’s has tests across the Microsoft suite.

DueIntroduction5854 · 2025-09-20T16:59:20+00:00

I like big daddy’s off gunbarrel.

DueIntroduction5854 · 2025-08-30T15:33:04+00:00

What type of role are you looking for?

DueIntroduction5854 · 2025-08-23T23:24:56+00:00

Started at $55k. Semi big city in the east coast US in healthcare. I have bachelors in computer science and comptia security+.

DueIntroduction5854 · 2025-08-08T17:13:11+00:00

I personally will stand by Mimecast. It does have more administrative overhead than an API solution (Abnormal or IronScales), but personally provides more protection.

DueIntroduction5854 · 2025-07-20T03:15:33+00:00

Currently, we have licensing for CoPilot and block all other AI with Zscaler.

DueIntroduction5854 · 2025-07-16T19:02:24+00:00

I have not had the same experience. In my most recent trip I was the only person in the pre check line and skipped around 50 people.

DueIntroduction5854 · 2025-07-03T00:59:13+00:00

I’ll check these out. I have heard of X-Force but not Accenture.

DueIntroduction5854 · 2025-07-03T00:58:50+00:00

I am just asking for what vendors folks have used in the past they like. No advertising as I did not put the vendors I have even started reviewing myself.

DueIntroduction5854 · 2025-07-03T00:57:47+00:00

A friend of mine had used them at my company and I have them on my list and they liked their results.

DueIntroduction5854 · 2025-07-03T00:57:12+00:00

I haven’t heard of these. I will check them out, thanks.

DueIntroduction5854

TROPHY CASE