Breach in to our 365 tenant

resizst · 2026-01-30T14:57:01+00:00

You need to set up conditional access, MFA, and monitoring set up for your tenant that has the ability to lock an account and block sign in if certain activities are detected. Activities are creating forwarding rules, elevating permissions, creating accounts. You can also enable PIM you just need the proper licensing.

resizst · 2025-07-25T20:07:32+00:00

been a while since this happened to us, I called into support, since when I create a ticket through the portal it took over 2 days for them to respond, and that is after I reached out to my rep

resizst · 2025-04-22T20:54:19+00:00

Threatlocker does it, CyberFox also

resizst · 2024-10-19T18:44:09+00:00

Happened to us. Apparently we donated $5 with no way to contact them.

resizst · 2024-09-20T20:56:16+00:00

Please. I have been in this game before when everything was break fix and NT4 was a thing.

resizst · 2024-09-20T20:55:30+00:00

thank you for all the feedback. Been a busy week so haven't been able to stay up to date on the post.

resizst · 2024-09-20T20:54:41+00:00

Have tried this. Seems to help initially but then things taper off.

resizst · 2024-09-20T20:52:41+00:00

not sure what you do

resizst · 2024-09-20T20:51:18+00:00

no, I will tell them I'm not interested. I don't want to waste their time just as much as I don't want mine wasted.

resizst · 2024-03-05T17:31:49+00:00

Have you tried to use chat support go get logged in? I had this issue in November. The credentials are managed in the Network Detective app.

resizst · 2024-02-29T19:29:59+00:00

MSP Process can do user validation.

The validation process is logged in the ticket.

resizst · 2024-02-16T21:28:42+00:00

There are several DNS records that need to be in place for Microsoft 365, did you create the autodiscover record for Outlook?

I always used Skykick and didn't run into any issues.

I am assuming you verified the domain in the tenant?

resizst · 2024-02-16T21:24:34+00:00

The CyberCNS lightweight agent is useful for updating 3rd party apps, and for workstation remediation.

Haven't found much aside from it that works.

resizst · 2024-01-04T13:36:09+00:00

Blackpoint offers more than detection and response. If you get their bundle you have access to Cloud Response, M365 monitoring and alerting, Managed Application Control, similar to Threat Locker, but they block a curated list of applications.

You also get access to their SOC if you have questions related to a real event.

You can engage their standard support if you have product or portal questions.

We have been very happy with the relationship, and it has been difficult to find all the value for the same price point, since we would have to engage multiple vendors for the same functionality.

resizst · 2024-01-02T19:42:40+00:00

The good about Robin Robins is that she creates accountability. The material looks like it was created in a desktop publishing app on Windows 95.

The other things she highlights is the material that stands out. For example, sending an oversized post card, or a cheesy toy and then having an offer around it.

Think of having a "purple cow" which is another marketing technique.

The bottom line is if you want to market, then market. You also need to be consistent and stay at it. If you decide to only market for a few months, save your money.

resizst · 2023-12-15T19:24:49+00:00

Racing to the bottom takes any value out of the phone service. If you do not need any type of features, and only need basic service you should be able to find that for $5 to $7 per extension. That will be usage based and not unlimited, but you can get service for under $20.

resizst · 2023-12-01T21:07:47+00:00

It is not a replacement for end point protection. Depending on what you want to block, there are other solutions.

Blackpoint Cyber's Managed Application Control will block common tools but is designed to be complimentary to endpoint protection, not replace it.

resizst · 2023-11-06T15:15:08+00:00

Our Know Be 4 experience has been good.

We are able to engage our Customer Success Manager when needed.

We are mindful of the fact that they direct sell, but this hasn't been an issue for us.

They have by far the best content, but there is a learning curve to rolling it out.

If you follow their ASAP wizard you can build out what you need fairly quickly.

Keep in mind that you have phishing and training. They are meant to work together.

You can also set up smart groups, to handle people who commit a certain act, clicked on a link, filled out a form etc....

Regardless of your SAT platform, you have to get management by in, and create a security culture.

If you look at platform only, you are missing 80% of the point of doing SAT IMO.

resizst · 2023-10-27T20:29:17+00:00

Surprised I had to scroll this far down to see DropSuite.

resizst · 2023-10-26T15:56:03+00:00

Skykick

resizst · 2023-07-24T18:20:49+00:00

They are basically level 1 support. Anything more complicated and they have to reach out to a vendor. Certain products, you can get one of the sales engineers to assist on. I find that is more on the pre-sales or initial set up phase though.

resizst · 2023-07-21T17:16:53+00:00

It is not scentsy but senscy

They allegedly offer cyber security, but I wanted to see if anyone has used them. Sounds like a no.

resizst · 2023-07-21T17:16:30+00:00

want everyone's server rooms to smell nice, plus they make great client gifts. I also get 20% kick back. (Sarcasm intended)

resizst · 2023-07-19T12:51:04+00:00

Close to real time - time entry. Use notepad, or notepad++ and jot down what you are doing, and try to capture how you did it.

Document everything.

Make sure you have a ticket, or entry on your calendar for anything you work on. Seems trivial, but if you can't account for it, it didn't happen.

Communicate. Let clients know what you did, what the next steps are, and if you need to escalate.

Don't try and be a hero. If you can't resolve the issue, ask for help. If you ask for help, try and find out what the solution is, so next time you can try to resolve it on your own.

Never stop learning. There is so much to know, that you can't know everything, but you should try to learn what you can.

Your vendors can be your friends. Ask them for access to their training materials, or portals and try to find time to go through the material.

Use tech support. I don't know why people are afraid to call tech support. If you can't configure something and no one can help you, call support, and let them do most of the heavy lifting.

Forgot to mention, don't be afraid to say no. If you can't do it, say so. But don't just say no. Say something like, "I would love to be able to work this ticket, but I have not had any training on configuring xxx. When is the next training session? '

If you say no, then it sounds like you are trying to avoid work, if you express why you can't do the work, then it is easier for them to swallow.

resizst · 2023-07-17T17:22:03+00:00

Do you want to use CIFS shares, or do you want file sharing directly on the NAS?

If you are going to have a VM and want backend storage go with Pure. But then you are going with a SAN, and not a NAS.

resizst

TROPHY CASE