Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready!

Links

• KB5014754
• Microsoft Security Response Center
• Create and Assign SCEP Certificate Profiles in Intune

Recorded April 10, 2025

How do you talk to security? While at NDC Melbourne, Richard chatted with Sarah Young about her approaches to helping folks work with the security team. Often seen as an impediment to business, Sarah talks about what motivates security teams, how to use language to help them understand that you are taking security seriously, and how to get more things done! Ultimately, the DevOps mantra of providing value to the customer still works - working with people to improve the processes that lead to secure systems helps everyone!

Links

• Daniel Pink's Drive
• Managed Identities for Azure
• Tenerife Airport Disaster

Recorded April 30, 2025

What's new in PowerShell 7.5? Richard talks to Jason Helmick about the latest version of PowerShell. Jason talks about 7.5 being a version with plenty of community contributions and what that means for everyone. He also discusses 7.6, which will be released as a long-term support version of PowerShell synchronized with .NET 10. Then, on to Desired State Configuration 3.0.0, which makes DSC work effectively across platforms, with or without PowerShell itself! 7.5 is a great version - are you up to date?

Links

• PowerShell 7.5
• PowerShell on GitHub
• Desired State Configuration 3.0.0
• WinGet Configuration
• System Configuration Tools in Windows

Recorded April 4, 2025

Active Directory is 25 years old - are you still managing it like it's 1999? Richard talks to Liz Tesch about her excellent blog post on the subject and the challenge many sysadmins have with Active Directory today. Liz talks about how WAN bandwidth was a concern in the early 2000s, so we organized Active Directory into Organizational Units to minimize the amount of AD traffic over the WAN - today, that is irrelevant. The challenge today is ensuring AD is not a vector for blackhats to attack the organization. Raising your functional level and utilizing some great free tools (check the links in the show notes) are all you need to use Active Directory like it's 2025!

Links

• Active Directory is 25 Years Old. Do you still manage it like it's 1999?
• mimikatz
• Windows Local Administrator Password Solution
• Microsoft Entra Privileged Identity Management
• Kara Lawson - Handle Hard Better
• Endpoint Detection and Response

Recorded April 4, 2025

How do you make a career in cybersecurity? Richard talks to Yuri Diogenes about his work in cybersecurity, including his book on building a career in cybersecurity. Yuri talks about the inquisitive mindset that works well in cybersecurity - wanting to understand why things happen and get to the root cause. The conversation also explores the value of experimentation and practical experience as well as certifications and training - they all have value. However, it is also recognized that cybersecurity encompasses a vast area of work - it's not one kind of job, so you have a lot of choices to make!

Links

• Building a Career in Cybersecurity

Recorded March 14, 2025

So what does modern work look like today? Richard talks to Karoliina Kettukari about her new role as the Head of Modern Work for a financial services company in Finland, and what modern work has evolved. Karoliina talks about how the pandemic accelerated modern work, such as being able to work anywhere and collaborating with whomever you need to. Post-pandemic, there is a push for more work from the office, but remote work is still essential - and now artificial intelligence is changing the landscape again. The rapid evolution of AI technologies is a challenge for admins, but the productivity benefits are becoming obvious - you need some good governance!

Links

• Microsoft 365 Copilot Overview
• The EU Artificial Intelligence Act
• European Collaboration Summit

Recorded March 6, 2025

What can agentic AI do for you? Richard talks to Tim Warner about his work utilizing next generation agentic AI technologies to help with sysadmin tasks. Tim talks about the early lead that Cursor AI took with AI agents capable of writing and executing scripts on your behalf - as opposed to just creating code you can cut-and-paste. Today, GitHub Copilot has caught up with Agent Mode in Copilot Edits, although still in preview, it speaks to a future where sysadmins use these tools to write better scripts for work - and get more done in less time!

Links

• Cursor AI
• OpenAI Operator
• GitHub Copilot
• Copilot Edits

Recorded February 17, 2025

Are some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20% are best done by hand because the cost and complexity of the last 20% are too high. Focus on the return on investment for the business, and you'll keep the love of PowerShell alive!

Links

• PowerShell
• Pester Testing
• GitHub Copilot
• Bicep

Recorded February 24, 2025

How can Security Copilot help you secure your applications? Richard talks to Ari Schorr about assessing application risk with Microsoft Security Copilot - a new feature in preview in Security Copilot that focuses on application roles and entities. Ari talks about the sheer array of resources that applications depend on, and the many security risks that exist in that space - how do you even get started on the problem? Security Copilot helps to sort through potential risks and help a sysadmin focus in on the most significant risks, especially the low-hanging fruit weak authentication and unused resources. The conversation also explores some of the future potential of a tool like this to detect supply chain attacks, find ways to strengthen and simplify applications so their attack surface is smaller. It's a great time to get familiar with these tools!

Links

• Microsoft Security Copilot
• Midnight Blizzard Attack on Microsoft
• Secure Future Initiative
• Assess Application Risk with Microsoft Security Copilot
• Microsoft Sentinel

Recorded February 18, 2025

What can GitHub Copilot do for SysAdmins in 2025? Richard talks to Jessica Deen from GitHub about her experiences using Copilot for her work. Jessica talks about Copilot being the first stop for most tasks - describing the task to Copilot helps you think through the problem, and often the tool can generate code or information to get that task done fast. Today's GitHub Copilot can handle everything from explaining existing code to writing something new, debugging a problem, or even writing documentation!

Links

• GitHub Copilot
• Changing the AI Model for Copilot Chat
• Visual Studio Code Insiders
• Azure Extensions
• GitHub Spark
• Launch Darkly

Recorded March 13, 2025