Secwerks–The bug

Registrations still open:

CIAOPS Secwerks

A virtual 16 hour level 400+ event focused on teaching the security best practices for Microsoft 365.

This remote classroom style learning event will be conducted over four half day sessions and cover topics such as Email security, Device configurations, Windows 10 Security features and more.

If you manage an Office 365 or Microsoft 365 environment, this event is for you.

CIAOPS Need to Know Microsoft 365 Webinar – August

laptop-eyes-technology-computer

Join me for the free monthly CIAOP Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at the role SharePoint plays in Microsoft 365 and how it is your repository for shared files.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite! Yeah Teams webinars.

You can register for the regular monthly webinar here:

August Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – August 2021
Friday 27th of August 2021
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

Testing for the PrintNightmare vulnerability

Taking inspiration from:

https://github.com/gentilkiwi/mimikatz/tree/master/mimispool#readme

I’ve updated my own security testing script here:

https://github.com/directorcia/Office365/blob/master/sec-test.ps1

to check for the PrintNightmare vulnerability.

The video

https://www.youtube.com/watch?v=LvmRlc40WWI

gives you a walk through of the process when you run my security testing script and results on a vulnerable system.


Announcing the CIAOPS Patron Power Platform community

pexels-led-supermarket-577514

I am pleased to announce the new CIAOPS Patron Power Platform Community (3PC). The growing need for applications in modern businesses and the increasing functionality provided by the Microsoft Power Platform has created a need for skilled professionals. It is the aim of the CIAOPS Patron Power Platform Community to provide somewhere that people interested in solving business challenges with the Microsoft Power Platform can come together, share learn and grown their knowledge.

One of the things that makes the CIAOPS Patron Power Platform Community unique will be it’s focus on providing solution for small businesses. There are lots of resources available for larger businesses but we wanted to bring a similar set of resources plus more for smaller businesses. This community is also not solely focused on technology, it is designed as place to solve business challenges with technology, specially, with the Microsoft Power Platform. This means you don’t need to be a developer, and IT administrator or even have any experience with the Microsoft Power Platform to join. You just need to want to learn more about the Microsoft Power Platform and how it can be harnesses inside a business to improve productivity.

Another major difference with the CIAOPS Patron Power Platform Community is the desire to ensure that is an active community. This means that there is an expectation that to invest at least one hour a week in the community forums, attending events and contributing to group projects. We also encourage all member to obtain at least one Microsoft Power Platform certification (the PL-900 certification being the recommended starting point) within 6 months of joining. the community is full of all the resources you’ll need to pass these exams and there are members who are more than willing to help mentor you through your certification journey.

We want the CIAOPS Patron Power Platform Community to be a place where people can contribute to group projects that aim to build solutions such as the

Power Automate Drink Ordering System

Projects like these are the best way to learn about the Microsoft Power Platform as well as learn from those more experienced. We also love it when people bring a project they wish to develop with the help of the community. The more projects we work on the more we all learn.

We have big plans for the CIAOPS Patron Power Platform Community and we are just getting started. As such are offering a never to be repeated foundation membership of A$15 per month to be part of what we think will become much bigger in the not to distant future. Now is therefore the time to jump on board at this specially discounted rate and enjoy the benefits of membership for life! You’ll find the links to sign up here:

https://www.ciaopspatron.com/

scroll down the page until you see the Power Platform option.

We are super excited to launch this community publicly and we hope that you can join us on this journey with the Microsoft Power Platform.

Basics of deploying Windows Defender Application Control (WDAC) using Intune

Windows Defender Application Control (WDAC) is the more modern approach to application white listing on a windows 10 device when compared to AppLocker. It is however, just as easy to deploy using Intune as this video shows:

https://www.youtube.com/watch?v=M2cZrV-mRlo

You firstly need to create your WDAC policy as an XML file. Then you use the PowerShell command:

ConvertFrom-CIPolicy

to ‘compile’ it into a .bin file. You upload this .bin file into an Intune device configuration policy and apply that to all the desired machine.

Remember, unlike AppLocker, WDAC applies to the whole machine, not individual users of that machine.

Remember, WDAC is already part of Windows 10 so there is no additional cost and using Intune, it will work with both Windows 10 Enterprise and Professional to help you secure your environment.


Basics of deploying AppLocker using Intune

One of the great things about deploying Windows AppLocker via Microsoft Intune is that it supports both Windows 10 Enterprise and Professional. It is also quite straight forward to deploy as I hope the video conveys.

Once you have your base policies, you create a custom Windows 10 device Configuration policy with Intune and deploy it to your device fleet. Once that process is complete you’ll have the same application control you had on a single device but now across as many machines as you wish.

Remember, that Windows AppLocker is free with Windows 10 and easily deployed to machined from the cloud using Microsoft Intune.

Power Platform product release

pexels-clem-onojeghuo-175711 (1)

I am please to announce the inaugural product release from the CIAOPS Patron Power Platform Community:

Power Automate Drink Ordering System

This is a PDF document that takes your step by step through creating an automated process for bulk ordering of drinks. This solution was developed to solve the challenge or ordering many drinks at events, however it could be used for much more mundane things such as preparing complimentary drinks when guests attend a business.

This project can also be seen as a great way to start learning the Microsoft Power Platform by creating a real world process using Power Automate (Microsoft Flow). The information provided run to over 130 pages and includes screen shots and easy to follow instructions.

To celebrate the release of this inaugural product, it is being offered at a special 75% discount which you can take advantage of here:

https://directorcia.gumroad.com/l/lDekX/foundation

This special offer is available for the first 25 purchases! So if you are interested in getting your hands dirty with the Microsoft Power Platform, here’s a great opportunity to get started.

Look out for more projects coming soon from the CIAOPS Patron Power Platform Community.