CISO Tradecraft®

#114 - One Vendor to Secure Them All

Listen Later

Did you ever wonder how much security you can implement with a single vendor?  We did and were surprised by how much you can do using the Australian Top Eight as a template.  We'll bet you can improve your security by using these tips, tools, and techniques that you might not have even known were there.

Special thanks to our sponsor Praetorian for supporting this episode.

https://www.praetorian.com/

Full Transcripts:

https://docs.google.com/document/d/12HsuOhY9an1QzIw9wOREPMX0pXe5hqkJ

Helpful Links

  1. Essential 8 https://www.microsoft.com/en-au/business/topic/security/essential-eight
  • Blocking Macros https://ite8.com.au/the-essential-8/office-macros-explained/ 
  • Windows Defender Application Control or WDAC (available from Windows 10 or Server 2016 or newer) previously Windows had App Locker (Windows 7 / 8)
    • https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager
  • https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control
  • Windows Group Policies
    • https://techexpert.tips/windows/gpo-block-website-url-google-chrome/
  • https://chromeenterprise.google/policies/#SafeBrowsingAllowlistDomains 
  • https://data.iana.org/TLD/tlds-alpha-by-domain.txt 
  • Software Restriction Policies http://woshub.com/how-to-block-viruses-and-ransomware-using-software-restriction-policies/
  • Blocking websites URL - only allow (.com, .org, .net, edu, .gov, .mil, and the countries you want).   
  • Locking down Active Directory https://attack.stealthbits.com/tag/active-directory 
  • File Service Resource Management
    • http://woshub.com/using-fsrm-on-windows-file-server-to-prevent-ransomware/
  • Enable MFA for RDP
    • https://docs.microsoft.com/en-us/azure/active-directory-domain-services/secure-remote-vm-access  
  • https://duo.com/docs/rdp
  • Enable MFA for SSH
    • https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/auth-ssh
  • https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-linux 
  • Windows Controlled Folder Access
    • https://support.microsoft.com/en-us/topic/ransomware-protection-in-windows-security-445039d6-537a-488a-ad53-48906f346363
  • Use Windows File History to create backups to one drive.
    • https://www.ubackup.com/windows-10/file-history-backup-to-onedrive-4348.html
  • Storing your files to One Drive which has ransomware detection
    • https://support.microsoft.com/en-us/office/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f
  • Windows Update
    • Select Start > Settings > Windows Update > Advanced options. Under Active hours, choose to update manually or automatically in Windows 11. 
  • https://support.microsoft.com/en-us/windows/keep-your-pc-up-to-date-de79813c-7919-5fed-080f-0871c7bd9bde 
  • Microsoft Conditional Policies- https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common 
  • Microsoft Authenticator with Number Matching, Geo, & Additional Context
    • https://docs.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-additional-context 
  • https://websetnet.net/microsoft-rolls-out-new-microsoft-authenticator-features-for-enterprise-users/
  • Application Approve List- https://www.bleepingcomputer.com/tutorials/create-an-application-whitelist-policy-in-windows/
    • ...more
    View all episodesView all episodes
    Download on the App Store
    CISO Tradecraft®By CISO Tradecraft®
    • 4.8
    • 4.8
    • 4.8
    • 4.8
    • 4.8

    4.8

    48 ratings

    More shows like CISO Tradecraft®

    View all
    Risky Business by Patrick Gray

    Risky Business

    363 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    633 Listeners

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

    371 Listeners

    Hacked by Hacked

    Hacked

    175 Listeners

    CyberWire Daily by N2K Networks

    CyberWire Daily

    1,009 Listeners

    Smashing Security by Graham Cluley & Carole Theriault

    Smashing Security

    313 Listeners

    Click Here by Recorded Future News

    Click Here

    385 Listeners

    Malicious Life by Malicious Life

    Malicious Life

    926 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    7,830 Listeners

    Cybersecurity Today by Jim Love

    Cybersecurity Today

    141 Listeners

    CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

    CISO Series Podcast

    187 Listeners

    Hacking Humans by N2K Networks

    Hacking Humans

    308 Listeners

    Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

    Defense in Depth

    72 Listeners

    Cyber Security Headlines by CISO Series

    Cyber Security Headlines

    120 Listeners

    Risky Bulletin by risky.biz

    Risky Bulletin

    33 Listeners