Azdamus

@IAMERICAbooted And that sometimes MS Reps will be just as clueless as AI. Unless you manage to invoke a black belt or someone from the product group via Account Manager. There’s also that.

Do you know what the biggest challenge is working in Microsoft Cloud Security? People that dont understand technology but think they do because of AI.

@IAMERICAbooted And/or communication. Big companies sure love to talk gibberish and not be accountable through lack of communication.

Before I accepted my new role, someone asked me, "How can we ensure you are a happy employee" My answer: "Leadership support"

@IAMERICAbooted The company I work for now and the previous employer used Splunk. Previous employer used Exabeam for strict cybersec related logs.

How many org are still using Splunk? It used to be the number 1 SIEM/SOAR

@iyoushetwt Java. Thank God I was delivered from the misery!

Programming language you learned once but never touched again?

@WellKnitTech @IAMERICAbooted I second this!

@IAMERICAbooted Can we perpetuate hate of TAs and Microsoft's brain dead decisions still?

Hey everyone, Im going to be pruning my "followers" I dont know. No offense. I'm selective about who I surround myself with as this is a place of leisure for me. One thing that's really important to me is to not affiliate with people who form mobs online and perpetuate hate and drama. We all have different opinions. I dont want to affiliate with people who resort to threatening behavior because people disagree with them (i.e. saying I'm going to regret expressing an opinion that doesnt align with their and making up rumors about my skills in an effort to influence people to participate in targeting me in defamatory fashions). I expect more from the people I associate with and I hope you do to.

@TracketPacer I saw what you did there. That’s so clever! 😆

sorry i only date CISSPs

@IAMERICAbooted @lbonjean Claude 4.5 will put OpenAI to shame. Its addictively good.

@lbonjean Will do!! That has been on my short list for a bit. Thanks!

Not gonna lie. I love being able to use m365 Copilot to its capabilities. It allows me to create dashboards and analytics on large files in hours compared to the days/weeks it would take me to create the same things. Also, chatgpt (not Copilot) scripting capabilities are getting insanely good compared to what they used to do. I can whip out scripts now in a couple hours that I probably would have never written before because it takes to much time.

@TracketPacer That’s one way to short circuit your brain 😂

something to take the edge off

@IAMERICAbooted I have zscaler at my workplace and the cretins in charge block almost everything except cloning github repos and compiling the damn thing yourself.

Got blocked from installing PowerShell 7 via the .msi I need pwsh7 to use a tool I need for a high priority objective. I try to do it the right way: open tickets, request access, wait two weeks, still no progress. Went around it by downloading it from zip and altering local environment variables. Why am I telling this story? Your security controls are supposed to block attackers, not employees from doing their jobs. Most of the time, your "controls" dont work like you think they do anyway.

@IAMERICAbooted I am onboard the E5 train than add-ons. But the problem will always be corporate politics between departments and how many favours and bribes higher ups get to go the illogical route.

Hello World, I dont work for Microsoft, but please, just get E5 and save yourself so much frustration with licensing and integration madness that causes downstream problems. If your an engineer, you know what Im talking about. Yes, I know it's expensive. It's because you're paying for: IdP Productivity and Collaboration tools Mail with security CASB, CNAPP, CSPM, SSPM, DLP EDR and AV SIEM (extra) Device management Application control Attack surface reduction Advanced configuration management Patching solution MDM with Security Compliance tools Legal Tools Bookkeeping tools Project Management Tools Extensibility And so much more. People just dont know how to use it lol. Bet you spend way too much money on Atlassian. All the same stuff is in M365. Atlassian was better at sales and dominates the market share. You dont need most of your infrastructure management and security tools. I know, that hurts to hear.

@GwYd10n @NathanMcNulty that is for advanced users. :D

@Azdamus1 @NathanMcNulty Or 6 digits (DOB)

cyber awareness month is off to a great start

@IAMERICAbooted I gave one or two examples, but it did make a dent.

@Azdamus1 I should now demo all the attacks in my last blogpost 😆 Spoiler alert: they all still work

If only I didn't know how misleading this is 😝

@IAMERICAbooted Queen of the South! You’ll love it! And when you’re done with Breaking Bad, go watch Better call Saul!

My latest movie binge is cartel movies. What's a good cartel movie aside from the Sicario movies?

@IAMERICAbooted then start chipping away 1 by 1 as self improvement and growth. Find communities with the same interest as you do - either physical or virtual (Martial arts, D&D, book club, etc.) Physical activities, especially sports that require you to have a strategy, strengthen the mind.

@IAMERICAbooted Sometimes the voices in our head get very loud, especially when we have loads of free time. I second what others have mentioned - walks, chores, etc. They are good to take the edge off, what I also do to cut down on those thoughts is to start putting all of them on a list 1/x

Not working and having to sit with feelings I've been stuffing down is not easy right now.

@IAMERICAbooted 101 is Level 1 IAM & Purview is Level 2 Prod - is Hell.

M365 101 - It's less than 500 pages. When you start getting into Identity and Purview, it will be another 30000 pages to read. I'm not joking. learn.microsoft.com/pdf?url=https%…

@techspence You don't need more certifications. You need more experience. - there, I fixed it. I am in an org filled with ex-MS employees in mgmt position that push people to get cert for every tech that is used and under the sun. Brain dumps are having a blast.

You don’t need more cybersecurity certifications, you need more experience…

@offbeat @IAMERICAbooted The larger the org, the more people avoid responsibility and play politics & defer. It's not wrong, it's ideal to have it that way. But I've seen execs sharing the device with their assistant or the assistant losing her phone that has the execs MFA reg or FIDO fob.

@Azdamus1 @IAMERICAbooted I don't have experience with government stuff, sorry. What would be wrong with letting C level execs use Microsoft Auth passwordless or passkeys? Would that be sufficient too?

This is why authentication contexts are important. Here's some things you can do: 1. CAP that implements device filters requiring device compliance, trust and/or company owned devices. 2. CAP that requires authentication stength in an authentication policy that only allows FIDO2/webauthn/CBA and no others. 3. Turn off other MFA options in per-user MFA 4. Assign appropriate groups in Authentication Policy options and look for gaps. 5. Require a VPN and configure approved Named Locations with IP allow lists, and allow only access from those locations. 6. If you have P2 (comes with E5/G5/A5 or as an addon to E3/G3/A3/Busines Premium/Business Standard), configure CAPs for User Risk and Signin Risk. 7. In some clouds, you still need to have a CAP to Block Legacy Auth as well.