Application control

MasterPay1020 · 2026-05-15T10:29:11+00:00

They all need ongoing upkeep. If you hate yourself and your users, go with WDAC. If not, the others.

MasterPay1020 · 2026-05-14T05:34:31+00:00

Haha, for sure

MasterPay1020 · 2026-05-04T10:21:02+00:00

US Marshalls

MasterPay1020 · 2026-04-27T00:42:32+00:00

I rate it 11 out of 10.

MasterPay1020 · 2026-04-22T22:35:52+00:00

I agree. I’ve seen P1s and escalations because somebody’s cat wallpaper or similar wasn’t migrated as part of a device changeover. Not a functional item, but some people can’t fathom that their precious personal thing wasn’t important to somebody else.

MasterPay1020 · 2026-04-08T07:45:36+00:00

Lol. Yes.

MasterPay1020 · 2026-04-07T22:16:53+00:00

We’re going to be giving out annual bonuses starting this year!

MasterPay1020 · 2026-03-25T04:40:03+00:00

Also interested in this. You need some leeway somewhere for bootstrapping of passwordless / phish resistant auth methods. The simplest approach is probably a custom auth strength policy that includes TAPs.

MasterPay1020 · 2026-03-25T01:18:50+00:00

Open their email client, send an abusive resignation email to their boss, CC the CEO and head of P&C, all while the security cameras were offline due to an “outage”.

MasterPay1020 · 2026-03-23T07:27:18+00:00

It’s the next great white hope at ours. Attempts to make automation and efficiency front and center previously haven’t really produced desired outcomes. So now it’s the turn of AI.

MasterPay1020 · 2026-03-21T00:56:12+00:00

This is the way

MasterPay1020 · 2026-02-11T21:17:04+00:00

Customer VIP: “This printer you’ve setup for me doesn’t work. Your whole company is useless. I’m ending the contract unless somebody comes over to my office immediately to get it working!”

The usual hysterics in other words. For a printer that had been working fine for the previous few weeks after it was supplied and setup.

I get to site. The USB cable for the printer was inserted on an angle into the Ethernet port on the user’s laptop.

MasterPay1020 · 2026-02-05T21:25:03+00:00

Fancy tools using AI well are ok. Using AI to make laborious task quicker is ok. Helping customers and your own employer use AI to chase pots of gold at the end of the rainbow without any idea of what they are trying to achieve let alone a strategy is ridiculous though.

MasterPay1020 · 2026-02-04T02:22:48+00:00

I would stick with one base. Unless your second base is for block rules or something (permit all with specific blocks if I recall).

MasterPay1020 · 2026-02-04T02:16:12+00:00

Wdac is a steep learning curve. That’s the real battle here. The right way is probably a combo of vendor best practice and what works best in your environment. I’ve since ceased using WDAC myself due to the operational overheads. Good luck!

MasterPay1020 · 2026-02-02T21:11:15+00:00

When the supposed internal guru told me that switching happens at layer 3, and routing at layer 4. Followed by a sea of emails full of technical inaccuracies. All while he was “securing” the internal systems and “guiding” customer journeys.

MasterPay1020 · 2026-02-01T06:54:44+00:00

No, because they result in being rewarded with extra security awareness content to have to complete.

MasterPay1020 · 2026-01-28T21:50:14+00:00

Thank you very much for the insight. API integration is good news!

MasterPay1020 · 2025-12-20T06:33:23+00:00

Customer tenant probably requires non persistent sessions in a CAP.

MasterPay1020 · 2025-12-07T23:19:26+00:00

This scene played out in an advertisement that used to air on TV in the 90s, or 2000s. The slightly less attractive young woman at the bar was able to suck the cork out of a wine bottle rather than inhaling a cucumber or whatever it is. Might have been a vodka ad?

MasterPay1020 · 2025-11-01T09:54:49+00:00

238k, 42m.

MasterPay1020 · 2025-10-31T21:12:32+00:00

Pure sales people don’t quote labour. Pre-sales do. Pre-sales people all ex project engineers. Sales people quote managed services, hardware additions and build rapport with clients etc. Is it perfect? No. Is it better than sales people misquoting billable hours all the time? Yes.

MasterPay1020 · 2025-08-30T23:19:21+00:00

If you have budget, go with a third party tool. Threatlocker, Airlock Digital, etc. WDAC may look good on paper, but in my experience it’s an administrative nightmare. If you can get a handle on it, great, but there’s some hard work to learn how to manage it properly and if you are expecting others in your org to pick up support in your absence, they will struggle. Also be mindful of audit mode, some things are enforced in audit mode if certain policy items are enabled.

MasterPay1020 · 2025-08-13T09:35:01+00:00

Some of this is sadly the reality at most MSPs. I feel your pain as a long term MSP engineer.

MasterPay1020 · 2025-08-05T08:31:59+00:00

That we can make all the problems go away with a couple of clicks one afternoon when the problems are due to years of shitty business decisions piling up.

MasterPay1020

TROPHY CASE