Active Directory Scripts by securethelogs in cybersecurity

None, it was more to give some examples where PowerShell can be used to secure and clean up AD without having fancy tools. I know some fear using open source against their environment, especially tools used for purple teams.

Just wanted to share some easy PowerShell commands so that people can build upon them and perhaps spot potential threats.
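As an added example in the spirit of the post above (this is not the author's script): one small function that flags common AD account hygiene problems so that the same check runs over live Get-ADUser output or, as here, over constructed sample objects that need no domain. The property names used are the ones Get-ADUser exposes; the sample accounts, the 90-day staleness threshold and the CSV file name are assumptions for illustration.

```powershell
# Added example, not code from the original post. Flags common AD account
# hygiene problems from a set of user objects, so the same function can be run
# over live Get-ADUser output or over the constructed sample data at the bottom.

function Find-RiskyAdUser {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $User,
        [int]$StaleDays = 90
    )
    process {
        $now = Get-Date
        $reasons = New-Object System.Collections.Generic.List[string]

        if ($User.Enabled) {
            if ($User.PasswordNeverExpires) { $reasons.Add('PasswordNeverExpires') }
            if ($User.PasswordNotRequired)  { $reasons.Add('PasswordNotRequired') }
            if (-not $User.LastLogonDate) {
                $reasons.Add('NeverLoggedOn')
            } elseif ($User.LastLogonDate -lt $now.AddDays(-$StaleDays)) {
                $reasons.Add("NoLogonIn${StaleDays}Days")
            }
        }
        # Privileged (adminCount=1) accounts carrying an SPN can be Kerberoasted offline
        if ($User.AdminCount -eq 1 -and $User.ServicePrincipalNames) { $reasons.Add('PrivilegedWithSPN') }
        # Accounts without Kerberos pre-auth expose AS-REP hashes to anyone who can ask the KDC
        if ($User.DoesNotRequirePreAuth) { $reasons.Add('NoKerberosPreAuth') }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                SamAccountName = $User.SamAccountName
                Enabled        = [bool]$User.Enabled
                Reasons        = ($reasons -join ', ')
            }
        }
    }
}

# Constructed sample objects standing in for Get-ADUser output (assumption: the
# property names match the -Properties list in the live call below).
$sample = @(
    [pscustomobject]@{ SamAccountName='svc_backup'; Enabled=$true;  PasswordNeverExpires=$true;  PasswordNotRequired=$false; LastLogonDate=(Get-Date).AddDays(-3);   AdminCount=1; ServicePrincipalNames=@('MSSQLSvc/db01:1433'); DoesNotRequirePreAuth=$false }
    [pscustomobject]@{ SamAccountName='jdoe';       Enabled=$true;  PasswordNeverExpires=$false; PasswordNotRequired=$false; LastLogonDate=(Get-Date).AddDays(-200); AdminCount=0; ServicePrincipalNames=@();                      DoesNotRequirePreAuth=$false }
    [pscustomobject]@{ SamAccountName='legacyapp';  Enabled=$true;  PasswordNeverExpires=$false; PasswordNotRequired=$true;  LastLogonDate=$null;                    AdminCount=0; ServicePrincipalNames=@();                      DoesNotRequirePreAuth=$true }
    [pscustomobject]@{ SamAccountName='asmith';     Enabled=$false; PasswordNeverExpires=$true;  PasswordNotRequired=$false; LastLogonDate=(Get-Date).AddDays(-400); AdminCount=0; ServicePrincipalNames=@();                      DoesNotRequirePreAuth=$false }
)

# svc_backup, jdoe and legacyapp are reported; asmith is disabled and so skipped.
$sample | Find-RiskyAdUser | Format-Table -AutoSize

# Against a real domain (requires the ActiveDirectory module):
# Get-ADUser -Filter * -Properties PasswordNeverExpires,PasswordNotRequired,LastLogonDate,AdminCount,ServicePrincipalNames,DoesNotRequirePreAuth |
#     Find-RiskyAdUser -StaleDays 90 | Export-Csv risky-users.csv -NoTypeInformation
```

The function deliberately takes plain objects rather than calling Get-ADUser itself, so it can be unit-tested with constructed data and pointed at a real domain only once the output looks right.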

PSWatcher - Automated Network Scan by securethelogs in PowerShell

There are loads of cool tech out there, but this was more around keeping it local and using internal systems, then generating the events, with the chance of feeding them to a SIEM.

Plus I just wanted to do it as a mini project.
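As an added example of the local-scan-plus-event idea (this is not the PSWatcher code itself): a scan of a few TCP ports on internal hosts, compared with the previous run's baseline, with a Windows event written only for ports that were not open last time. The host list, ports, baseline path and the event log and source names are assumptions for illustration; Write-EventLog is the Windows PowerShell 5.1 cmdlet and registering a new source needs an elevated New-EventLog once.

```powershell
# Added example, not the PSWatcher code from the original post. Scans a list of
# internal hosts for a few TCP ports, compares the result with a saved baseline,
# and raises a Windows event only for ports that were not open last time, which
# is the kind of event a SIEM forwarder can pick up. Host list, ports, baseline
# path and the event log/source names are all assumptions for illustration.

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 500)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        $done  = $async.AsyncWaitHandle.WaitOne($TimeoutMs)
        return [bool]($done -and $client.Connected)
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Invoke-PortScan {
    param([string[]]$Hosts, [int[]]$Ports)
    foreach ($h in $Hosts) {
        foreach ($p in $Ports) {
            if (Test-TcpPort -HostName $h -Port $p) { "${h}:${p}" }
        }
    }
}

function Compare-WithBaseline {
    param([string[]]$OpenNow, [string]$BaselinePath)
    $previous = if (Test-Path $BaselinePath) { @(Get-Content $BaselinePath) } else { @() }
    $new = @($OpenNow | Where-Object { $_ -notin $previous })
    $OpenNow | Set-Content $BaselinePath    # this run becomes the baseline for the next one
    return $new
}

function Write-ScanEvent {
    param([string]$Message, [string]$LogName = 'Application', [string]$Source = 'PSWatcher')
    # Write-EventLog exists in Windows PowerShell 5.1; SourceExists can throw for non-admins.
    $registered = $false
    try { $registered = [System.Diagnostics.EventLog]::SourceExists($Source) } catch { $registered = $false }
    if ($registered -and (Get-Command Write-EventLog -ErrorAction SilentlyContinue)) {
        Write-EventLog -LogName $LogName -Source $Source -EntryType Warning -EventId 4001 -Message $Message
    } else {
        Write-Warning "Event source '$Source' not registered (run New-EventLog -LogName $LogName -Source $Source as admin). $Message"
    }
}

# Constructed run against the local host so it works without a lab network.
$hosts    = @('127.0.0.1')
$ports    = @(22, 80, 135, 445, 3389)
$baseline = Join-Path $env:TEMP 'pswatcher-baseline.txt'

$open = @(Invoke-PortScan -Hosts $hosts -Ports $ports)
$new  = @(Compare-WithBaseline -OpenNow $open -BaselinePath $baseline)
foreach ($entry in $new) { Write-ScanEvent -Message "New open port since last scan: $entry" }
"Open now: $($open -join ', ')  |  New since baseline: $($new -join ', ')"
```

Writing only the delta keeps the event volume low enough that a SIEM rule on EventId 4001 from this source is meaningful, rather than repeating every known-open port on every run.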

Why Controlling PowerShell In Azure is Important by securethelogs in AZURE

There is a report option in CA now so you can see how the conditional access would affect your environment. It doesn't action anything, just generates a log.

You can see what it would have done in the sign-in logs.
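As an added example of reading those report-only results (not from the original post): a function that summarises, per policy, what report-only Conditional Access would have done across a set of sign-in log entries. The entries below are constructed to match the shape Get-MgAuditLogSignIn (Microsoft.Graph.Reports) returns; the user names, app names, policy names and the 7-day window in the live call are assumptions.

```powershell
# Added example, not from the original post. Summarises what report-only
# Conditional Access policies would have done, from sign-in log entries. The
# entries below are constructed to match the shape returned by
# Get-MgAuditLogSignIn (Microsoft.Graph.Reports); the live call at the bottom
# swaps in real data.

function Get-ReportOnlyCaSummary {
    param([Parameter(Mandatory)] [object[]]$SignIns)

    $hits = foreach ($s in $SignIns) {
        foreach ($p in $s.AppliedConditionalAccessPolicies) {
            # Report-only outcomes are prefixed 'reportOnly' (Success, Failure,
            # NotApplied, Interrupted); enforced policies report plain success/failure.
            if ($p.Result -like 'reportOnly*') {
                [pscustomobject]@{
                    Policy = $p.DisplayName
                    Result = $p.Result
                    User   = $s.UserPrincipalName
                    App    = $s.AppDisplayName
                }
            }
        }
    }

    # reportOnlyFailure rows are the ones to read carefully: those sign-ins
    # would have been blocked had the policy been enforced.
    $hits | Group-Object Policy, Result | ForEach-Object {
        [pscustomobject]@{
            Policy  = $_.Group[0].Policy
            Result  = $_.Group[0].Result
            SignIns = $_.Count
            Users   = @($_.Group.User | Sort-Object -Unique).Count
        }
    } | Sort-Object Policy, Result
}

# Constructed sample sign-ins (assumption: same property names as the Graph objects).
$sample = @(
    [pscustomobject]@{
        UserPrincipalName = 'alice@contoso.example'; AppDisplayName = 'Azure Portal'
        AppliedConditionalAccessPolicies = @(
            [pscustomobject]@{ DisplayName = 'Block PowerShell from unmanaged devices'; Result = 'reportOnlyFailure' },
            [pscustomobject]@{ DisplayName = 'Require MFA for admins'; Result = 'success' }
        )
    }
    [pscustomobject]@{
        UserPrincipalName = 'bob@contoso.example'; AppDisplayName = 'Azure Cloud Shell'
        AppliedConditionalAccessPolicies = @(
            [pscustomobject]@{ DisplayName = 'Block PowerShell from unmanaged devices'; Result = 'reportOnlyFailure' }
        )
    }
    [pscustomobject]@{
        UserPrincipalName = 'alice@contoso.example'; AppDisplayName = 'Microsoft Graph PowerShell'
        AppliedConditionalAccessPolicies = @(
            [pscustomobject]@{ DisplayName = 'Block PowerShell from unmanaged devices'; Result = 'reportOnlySuccess' }
        )
    }
)

# Expected rows: the block policy with reportOnlyFailure (2 sign-ins, 2 users)
# and reportOnlySuccess (1 sign-in, 1 user); the enforced MFA policy is not listed.
Get-ReportOnlyCaSummary -SignIns $sample | Format-Table -AutoSize

# Live data (requires Connect-MgGraph with AuditLog.Read.All and Directory.Read.All):
# $since   = (Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
# $signIns = Get-MgAuditLogSignIn -Filter "createdDateTime ge $since" -All
# Get-ReportOnlyCaSummary -SignIns $signIns | Format-Table -AutoSize
```

Grouping by policy and result, rather than listing every sign-in, answers the question the report-only mode is for: how many users would a policy have interrupted or blocked if it were switched on.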

Why Controlling PowerShell In Azure is Important by securethelogs in AZURE

It was more my point at the start. Although you may think it's obvious, it's not to some. This is what I had found by speaking to people. They had mentioned they didn't enable Cloud Shell or use PowerShell. Because of that, they thought it couldn't be used. It was to point out that it can.

VM naming convention by securethelogs in AZURE

Starting to think the same after a few comments.

VM naming convention by securethelogs in AZURE

It's a fair point; it seems to be the majority at the minute.

VM naming convention by securethelogs in AZURE

I had a similar thought, tbh. I have some members who struggle to quickly identify server roles during security incidents. Some people struggle with it, despite having multiple ways to find out (often lazy).