When it comes to doing a forensic investigation, we want to take the approach of looking wide, and then digging deeper into the data. This helps you avoid going down rabbit holes as much as possible and allows you to easily pivot to other data you’ve collected or taken note of. Now, for today’s example… Continue reading Investigation with Defender for Endpoint, Investigation Package, Part 1
Wrote this a while ago, never posted it because I have an issue thinking none of my posts are ready, so here it is anyway. I’ll likely add to this at some point. I read Oliver Kieselbach’s post here a while back and just wanted to add some information to the flow. Looking at the CSP Reference guide… Continue reading Intune diagnostic retrieval
When it comes to managing data these days, it can definitely get a little crazy; there are just so many ways data moves around on different devices in different apps. Keeping a close eye on everything can be tricky, but one thing to help out here is Windows Information Protection (WIP). Previously known as enterprise… Continue reading Managing Windows 10 with Intune – WIP for Office 365
Introduction: There are numerous conversations surrounding Azure Policy. This post will provide information to accompany those conversations. This post will be a living and constantly modified document throughout the product development. Post Purpose: The purpose of this document is to explain the following: What is Azure Policy Intended Audience: The intended audience will be Azure… Continue reading Azure Policy: Your Enterprise Azure Resource Guardrails!
Managing Windows 10 with Intune – AutoPilot Reset Playing with the AutoPilot Reset and essentially refreshing my home laptops over and over, I thought why not just document and share it. I’m coming at this from a “Devices already managed” approach, so I did not pre-register my hardware IDs for the full white glove experience.… Continue reading Managing Windows 10 with Intune – AutoPilot Reset
Azure Security Center Playbooks First off, what is a Playbook in Azure Security Center (ASC)? A Security Playbook is a pre-established and scripted set of actions that can be taken in the event of a specific alert within your Azure tenant (think of System Center Orchestrator Runbooks, but for Azure, aimed towards increased Security for… Continue reading Azure Security Center : Playbooks!
INTRODUCTION: Good day IT folks, it’s Trevor coming back at you with another real life scenario that sparked my interest today, that I thought would be valuable to share with the broader community (wish I stumbled across this previously!). Let me set the stage. THE STAGE / SOME BACKGROUND: So I am onsite for a… Continue reading SCCM Side-By-Side Migration: A Real Life Issue – Resolved.
Had to write something up for a customer, so I thought I’d share that. Nothing mind blowing here, just the simple process of deploying a CU for SQL 2016 SP1 with an uninstall package to showcase the roll back of said CU. The customer’s DBA team was looking to see how they could leverage SCCM… Continue reading Deploy SQL CU w/ rollback package
The Request: Good Day Everyone! I come to you this lovely afternoon with a post on a custom report request that came my way – that oddly enough was nowhere to be found as an offered solution within SCCM or on the wonderful World Wide Web! Last week a customer emailed me asking for a… Continue reading SCCM Custom Report Request – PXE Enabled Distribution Points and Boundary Group Membership
Good day everyone! Recently I spoke at Microsoft Tech Talk – Dallas on this topic, and I wanted to put together a quick informative post on some of the prerequisite steps along with implementation steps necessary to deploy the SCCM Cloud Management Gateway! This is an amazing feature that is truly a new way to… Continue reading ConfigMgr Cloud Management Gateway!