January 30, 2023

#114 - One Vendor to Secure Them All

24 minutes

Did you ever wonder how much security you can implement with a single vendor? We did and were surprised by how much you can do using the Australian Top Eight as a template. We'll bet you can improve your security by using these tips, tools, and techniques that you might not have even known were there.

Special thanks to our sponsor Praetorian for supporting this episode.

https://www.praetorian.com/

Full Transcripts:

https://docs.google.com/document/d/12HsuOhY9an1QzIw9wOREPMX0pXe5hqkJ

Helpful Links

Essential 8 https://www.microsoft.com/en-au/business/topic/security/essential-eight

Blocking Macros https://ite8.com.au/the-essential-8/office-macros-explained/

Windows Defender Application Control or WDAC (available from Windows 10 or Server 2016 or newer) previously Windows had App Locker (Windows 7 / 8)

https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control

Windows Group Policies

https://techexpert.tips/windows/gpo-block-website-url-google-chrome/

https://chromeenterprise.google/policies/#SafeBrowsingAllowlistDomains

https://data.iana.org/TLD/tlds-alpha-by-domain.txt

Software Restriction Policies http://woshub.com/how-to-block-viruses-and-ransomware-using-software-restriction-policies/

Blocking websites URL - only allow (.com, .org, .net, edu, .gov, .mil, and the countries you want).

Locking down Active Directory https://attack.stealthbits.com/tag/active-directory

File Service Resource Management

http://woshub.com/using-fsrm-on-windows-file-server-to-prevent-ransomware/

Enable MFA for RDP

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/secure-remote-vm-access

https://duo.com/docs/rdp

Enable MFA for SSH

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/auth-ssh

https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-linux

Windows Controlled Folder Access

https://support.microsoft.com/en-us/topic/ransomware-protection-in-windows-security-445039d6-537a-488a-ad53-48906f346363

Use Windows File History to create backups to one drive.

https://www.ubackup.com/windows-10/file-history-backup-to-onedrive-4348.html

Storing your files to One Drive which has ransomware detection

https://support.microsoft.com/en-us/office/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f

Windows Update

Select Start > Settings > Windows Update > Advanced options. Under Active hours, choose to update manually or automatically in Windows 11.

https://support.microsoft.com/en-us/windows/keep-your-pc-up-to-date-de79813c-7919-5fed-080f-0871c7bd9bde

Microsoft Conditional Policies- https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common

Microsoft Authenticator with Number Matching, Geo, & Additional Context

https://docs.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-additional-context

https://websetnet.net/microsoft-rolls-out-new-microsoft-authenticator-features-for-enterprise-users/

Application Approve List- https://www.bleepingcomputer.com/tutorials/create-an-application-whitelist-policy-in-windows/

...more

View all episodes

By CISO Tradecraft®

4.8

4848 ratings

January 30, 2023

#114 - One Vendor to Secure Them All

24 minutes

Special thanks to our sponsor Praetorian for supporting this episode.

https://www.praetorian.com/

Full Transcripts:

https://docs.google.com/document/d/12HsuOhY9an1QzIw9wOREPMX0pXe5hqkJ

Helpful Links

Essential 8 https://www.microsoft.com/en-au/business/topic/security/essential-eight

Blocking Macros https://ite8.com.au/the-essential-8/office-macros-explained/

Windows Defender Application Control or WDAC (available from Windows 10 or Server 2016 or newer) previously Windows had App Locker (Windows 7 / 8)

https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control

Windows Group Policies

https://techexpert.tips/windows/gpo-block-website-url-google-chrome/

https://chromeenterprise.google/policies/#SafeBrowsingAllowlistDomains

https://data.iana.org/TLD/tlds-alpha-by-domain.txt

Software Restriction Policies http://woshub.com/how-to-block-viruses-and-ransomware-using-software-restriction-policies/

Blocking websites URL - only allow (.com, .org, .net, edu, .gov, .mil, and the countries you want).

Locking down Active Directory https://attack.stealthbits.com/tag/active-directory

File Service Resource Management

http://woshub.com/using-fsrm-on-windows-file-server-to-prevent-ransomware/

Enable MFA for RDP

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/secure-remote-vm-access

https://duo.com/docs/rdp

Enable MFA for SSH

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/auth-ssh

https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-linux

Windows Controlled Folder Access

https://support.microsoft.com/en-us/topic/ransomware-protection-in-windows-security-445039d6-537a-488a-ad53-48906f346363

Use Windows File History to create backups to one drive.

https://www.ubackup.com/windows-10/file-history-backup-to-onedrive-4348.html

Storing your files to One Drive which has ransomware detection

https://support.microsoft.com/en-us/office/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f

Windows Update

Select Start > Settings > Windows Update > Advanced options. Under Active hours, choose to update manually or automatically in Windows 11.

https://support.microsoft.com/en-us/windows/keep-your-pc-up-to-date-de79813c-7919-5fed-080f-0871c7bd9bde

Microsoft Conditional Policies- https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common

Microsoft Authenticator with Number Matching, Geo, & Additional Context

https://docs.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-additional-context

https://websetnet.net/microsoft-rolls-out-new-microsoft-authenticator-features-for-enterprise-users/

Application Approve List- https://www.bleepingcomputer.com/tutorials/create-an-application-whitelist-policy-in-windows/

...more

More shows like CISO Tradecraft®

View all

Security Now (Audio)

1,986 Listeners

Risky Business

364 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

639 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

CyberWire Daily

1,016 Listeners

Smashing Security

316 Listeners

Click Here

407 Listeners

Darknet Diaries

7,956 Listeners

Cybersecurity Today

164 Listeners

CISO Series Podcast

189 Listeners

Hacking Humans

312 Listeners

Defense in Depth

76 Listeners

Cyber Security Headlines

128 Listeners

Risky Bulletin

43 Listeners

The Pragmatic Engineer

62 Listeners

Share #114 - One Vendor to Secure Them All

Sign up to save your podcasts

#114 - One Vendor to Secure Them All

#114 - One Vendor to Secure Them All

More shows like CISO Tradecraft®

Security Now (Audio)

Risky Business

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

CyberWire Daily

Smashing Security

Click Here

Darknet Diaries

Cybersecurity Today

CISO Series Podcast

Hacking Humans

Defense in Depth

Cyber Security Headlines

Risky Bulletin

The Pragmatic Engineer