Matt

🔐 UEFI Secure Boot Certificate 2023: A quiet change with big security impact. Firmware security doesn’t usually make headlines, but it should. The 2023 Secure Boot Certificate update is a key step in strengthening trust at boot time and mitigating real world threats 📷If you work with: 📷 UEFI firmware 📷 Enterprise security or IT operations This breakdown is for you 📷#WindowsSecurity" target="_blank" rel="nofollow noopener">shorturl.at/vqqeu#WindowsS… #MSIntune #SecureBoot

🔐 UEFI Secure Boot Certificate 2023: A quiet change with big security impact Firmware security doesn’t usually make headlines, but it should. The 2023 Secure Boot Certificate update is a key step in strengthening trust at boot time and mitigating real world threats 🛡️ If you work with: ✅ Intune Admin ✅ UEFI firmware ✅ Enterprise security or IT operations This breakdown is for you 👇 shorturl.at/vqqeu #WindowsSecurity #MSIntune #SecureBoot

@NathanMcNulty @CynicLib Let's go, I am waiting.

Soon ™️

@xenappblog @CynicLib @MSIntune @kaidja I worked this week on the same issue, about to release a full blog on how to fix it by gpo or intune policy with a dashboard.

One Platform Script that will instantly fix most of your Secure Boot Status Not up to date in @MSIntune Why is nobody other than @kaidja talking about this? Try it out and give it 24 hours. WinCsFlags.exe /apply --key F33E0C8E002

@jeffirvine Agree

@muthmsir Also, don't sign into your privileged account on a shared device and definitely DO NOT leave it unlocked and unattended!

🔐 Quick Intune security win you might be missing If you’re an Intune admin, leaving the console open while inactive is a real risk; it happened to me sometimes until PIM timeout. However, many customers I worked with do not even have PIM. ✅ Enable “Sign me out when inactive” in the Microsoft Intune admin center ✅ Automatically signs out idle sessions ✅ Reduces risk on shared or unlocked devices ✅ Aligns with zero‑trust and least‑privilege principles 📍 Portal settings → Signing out + notifications Small setting. Big security impact. I personally think 1 hour away is more than enough to sign the admin out. #MSIntune #EndpointSecurity #ZeroTrust #IAM #CloudSecurity

🔐 Quick Intune security win you might be missing If you’re an Intune admin, leaving the console open while inactive is a real risk; it happened to me sometimes until PIM timeout. However, many customers I worked with do not even have PIM. ✅ Enable “Sign me out when inactive” in the Microsoft Intune admin center ✅ Automatically signs out idle sessions ✅ Reduces risk on shared or unlocked devices ✅ Aligns with zero‑trust and least‑privilege principles 📍 Portal settings → Signing out + notifications Small setting. Big security impact. I personally think 1 hour away is more than enough to sign the admin out. #MSIntune #EndpointSecurity #ZeroTrust #IAM #CloudSecurity

@ar4nier Aaron, I usually run the assessment before I start, midway through the project, and at closeout, I show the customer the differences based on the run date. use the date by the end of the page

@muthmsir ... and secure score doesn't provide history that goes back far enough.

ZeroTrust Workshop is now available on the web instead of in an Excel sheet. Last week, Microsoft announced the updated, 🚀brand new ZeroTrust Workshop. Most of us used the Excel sheet with our customers. We hoped to see this Excel sheet on the web, like the ZeroTrust Assessment. Now, I just want to give a big thanks to ✨Tarek Dawoud and @merill . Of course, there are many great people behind this, but unfortunately, I do not know their names. Once you complete a few of them, you'll see the score and how much is left to meet the ZeroTrust. Report before you complete anything Try it 👉 zerotrust.microsoft.com

@ar4nier Do this with a Zero Trust Assessment, which will provide you with all details about your environment.

@muthmsir I would love if they could make a sign-in option for this url that would pull up your results at a tenant level so we don't even have to maintain the previous assessment results. Like a permanent artifact to supplement the secure score ecosystem

@EFromeden Have you visited the Microsoft Zero Trust Workshop page? If so, select any step that is’Nor Review’, then from the bottom select In progress, completed, not applicable, etc. Check it and let us know.

@muthmsir Okay but where are the steps ? All I see is a interactive web page

@EFromeden Microsoft Workshop is a platform IT uses to achieve zero trust by following the steps outlined.

@muthmsir What do you mean by workshop ?

@ar4nier Yup, I think it was built by a mix of PowerShell, HTML, JavaScript, not sure what else

@muthmsir They started designing the results to be in a powerBI format. Didn't make it suck less. This is a major improvement.

ZeroTrust Workshop is now available on the web instead of in an Excel sheet. Last week, Microsoft announced the updated, 🚀brand new ZeroTrust Workshop. Most of us used the Excel sheet with our customers. We hoped to see this Excel sheet on the web, like the ZeroTrust Assessment. Now, I just want to give a big thanks to ✨Tarek Dawoud and @merill . Of course, there are many great people behind this, but unfortunately, I do not know their names. Once you complete a few of them, you'll see the score and how much is left to meet the ZeroTrust. Report before you complete anything Try it 👉 zerotrust.microsoft.com

🛡️ IT teams shouldn’t wait on cybersecurity reports to find vulnerabilities. I built a local Vulnerability Dashboard that checks MSRC + limited app CVEs—no API or Entra app needed ✅ Shows critical/high vulns ✅HTML dashboard ✅ Fast device insights ✔️ Helps teams fix issues before the cyber team pings them 👍🏻Grab it on GitHub: github.com/Muthannaaljana… Read the blog📷 Vulnerability Dashboard – Texas Tech Squad 👉 shorturl.at/w7id4 #cybersecurity #MSIntune #Windows #Microsoft

🚀 It's great to see MAA featured in the banner pop-up on my Intune home page today, reminding us to secure our Intune. #MSIntune #Microsof

🔐 Security standards such as CIS Benchmarks are influential; however, their effectiveness depends on careful implementation. A minor oversight in a Level 2 M365 policy provided me with a valuable lesson in balancing security and usability. 👇 shorturl.at/q1fuO

🔐 Security standards such as CIS Benchmarks are influential; however, their effectiveness depends on careful implementation. A minor oversight in a Level 2 M365 policy provided me with a valuable lesson in balancing security and usability. 👇 shorturl.at/q1fuO

⚠️ Highlights critical/high quickly ⚡ Helps you fix issues faster Here is the link txtechsquad.com/2026/03/01/vul… you can also go to the GitHub Repo github.com/Muthannaaljana… 2/2

Ever patch a device and still get slammed with vulnerability reports? 😅 I built a local-run Vulnerability Dashboard to give IT pros immediate visibility—no APIs, no Entra app, just PowerShell + HTML. 🔍 Checks MSRC 📦 Shows limited app CVEs 1/2