Stay up to date on the latest tech trends, IT news, and cybersecurity threats with our educational blog.

Security Operations

Why Microsoft Office 365 Secure Score Isn't Enough

Microsoft Secure Score. If you’re an IT administrator or security professional in an organization that uses Office 365, then you’ve no doubt used the tool or at least heard the term. It started as Office 365 Secure Score, but it was renamed in April 2018 to reflect a wider range of elements being scored.

Learn More
Characteristics of a Relevant Information Security Program: Communications

In a business environment where resources are limited, compliance requirements abound, and budgets are constantly challenged to meet cost containment targets, this article will explore a strategy to align information technology (IT), information security (IS), system and data owners (SDO), aka: your business units, and leadership.

Learn More
DA 101 - Protecting your Domain Admin Account

At SynerComm's Fall IT Summit 2018 we presented a talk about the top 5 attacks used to compromise a Domain Administrator account. The AssureIT team put together a list of tools to help you check for these vulnerabilities in your network.

Learn More
Thoughts on Blocking Powershell.exe

Defenders do not view the world of infosec through the eyes of a determined, skilled attacker. They view the world through the quantity and quality of tickets generated by their SIEM (if they have one). It is true that a determined, skilled attacker (read and understand that) can work around a correctly implemented PowerShell block. One such method is to drop an exe to disk call a dlls.

Learn More
Intro To Active Directory Delegation

One of the most frequent questions I get from my CircleCityCon/DerbyCon Active Directory talk goes something like "You recommend that we delegate permissions in AD (as opposed to just dropping everything in Domain Admins), but I just inherited this domain and have no idea what delegation is. Help?" Well good news: 1) Delegation in AD isn't […]

Learn More
Qualys Scanner API In Powershell Including External Ticket Creation

So you would like to automate your vulnerability management lifecycle?  Good luck.  But if you are motivated hopefully this little bit of powershell will help.  Here are the prereqs: - Must have powershell v3 - Must use Qualys for vulnerability scanning.  - For added functionality an additional cmdlet has been included to generate tickets with an […]

Learn More
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram