CIAOPS Need to Know Microsoft 365 Webinar – December


Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Power Virtual Agents.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

December Webinar Registrations

(If you are having issues with the above link copy and paste –

The details are:

CIAOPS Need to Know Webinar – December 2022
Friday 16th of December 2022
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

or purchase them individually at:

Also feel free at any stage to email me directly via with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

Microsoft 365 incident response training


In early 2023 I’ll be running an incident response training course for Microsoft 365 environments. Training will held over four consecutive weeks. Each session will be two (2) hours and run from 9am Sydney time.The dates are:

Wednesday January 11th 2023 – Before an incident. What you need to do to prepare

Wednesday January 18th 2023 – During an incident. What you need to do when an incident occurs

Wednesday January 25th 2023 – After an incident. What needs to be done after an incident has occurred

Wednesday February 1st 2023 – Lab exercises and group best practice discussions

The sessions will be recorded and other materials from the sessions (checklists, etc) will be available to attendees afterwards.

This event will be conducted remotely via Microsoft Teams.

The aim of this training is to help you better prepare for a security incident inside the Microsoft 365 environment. You’ll learn what settings you should enable and what processes you should have in place before an incident occurs. The sessions will also take you through common examples of incidents and help you understand what needs to be done when they occur and how to minimise risk and impact to a business. The sessions will also take your through the post-incident process to build confidence with what information needs to be maintained and how to prevent similar incidents re-occurring. The final session will be a group hands on lab and discussion so you can put all the skills you have learned to the test.

The price for this event will be:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

You can learn more about the CIAOPS Patron community at

I hope that you’ll join me in January for this event as I believe it provides some much needed training in a very important aspect of managing and securing Microsoft 365. If you are serious about security for Microsoft 365, then you need a plan and this training will aim to give you just that plus some experience to boot!

You can register you interest in attending this course here – after which I’ll be in contact with you to arrange payment and get you enrolled.

As always, if you have any questions about this training please email me on –

I hope to see you there.

Need to Know podcast–Episode 291

After Microsoft cloud news and updates I talk about the importance of OneDrive for Business as an initial step in a successful cloud migration process.

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by



Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron


YouTube edition of this podcast

ACSC Annual Cyber Threat Report, July 2021 to June 2022

ACSC Exercise in a box

Manage exclusions for Microsoft Defender for Endpoint and Microsoft Defender Antivirus

Azure AD Certificate-based Authentication (CBA) on Mobile

Introducing preview access to Microsoft Syntex document processing and more

Microsoft Teams Adoption

What’s new for Microsoft Whiteboard – November 2022

Build connections with Games for Work, a new Microsoft Teams app

Organizational messages for Windows 11 now in public preview

Easily launch an Instant Poll in Teams meetings to engage with your audience & collect feedback

A framework for file migrations to Microsoft 365

Enhanced phishing protection in Windows 11 22H2


If you have Windows 11 22H2 and you take a look at your Windows Security settings under App & Browser control, you’ll find some new settings in Reputation-based protection as shown above.

You can read about these here:

Enhanced Phishing Protection in Microsoft Defender SmartScreen

If you want to enable these settings using an Intune Device policy you can do so using the Settings Catalog like so:


Remember, at the moment, you need Windows 11 22H2 to configure this.

Adafruit Huzzah input from button

After the last project:

Adafruit Huzzah WiFi

I wanted to have the device take input from a switch (which also came in the Starter kit).

Based on my existing projects I now created a configuration of:


Pin 4 = Red LED + Resistor (560 ohm)

Pin 5 = Green LED + resistor (560 ohm)

Pin 2 = button

Each of these lines then went to the GND pin.

For the code I found the following article which was a great help:

from which I adapted my own code at:

So that when the button is pressed it swaps which LED is on like so:


Of course, it could be improved but I am still calling it a success as all I really wanted to do was incorporate input from an external source.

With all this now done, the next aim is to work out how to connect the device to Azure and get Azure capturing the input from the device and reporting it somehow.

Need to Know podcast–Episode 290

I have a few updates from the Microsoft cloud for this episode followed by a discussion about Attack Surface Reduction Rules (ASR) and their importance in reducing your risk.

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by



Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

YouTube edition of this podcast

Microsoft Outlook, your personal organizer, helps you be more productive and in control

Microsoft Digital Defense Report 2022

Investigate incidents more effectively with the new attack story view in Microsoft 365 Defender

Announcing enhanced control for configuring Firewall rules with Windows Defender

What’s New in Microsoft Teams | October 2022

New device control capabilities to manage removable storage media access in Microsoft Intune

Demystifying attack surface reduction rules – Part 1

Demystifying attack surface reduction rules – Part 2

Demystifying attack surface reduction rules – Part 3

Demystifying attack surface reduction rules – Part 4

Enable attack surface reduction rules

Check ASR Rules

Adafruit Huzzah Wifi

My last IoT challenge was to get an

External flashing LED

working and the next was to get the Adafruit Huzzah with ESP8266 to connect to Wifi. To do that I found most the required code here:

and I’ve put my code on my Github here:

You’ll need to put in your own WiFi access point details at the top of the code to connect to your own environment.

This script uses a lot of commands like:


which basically outputs text to a serial port. This allows much easier troubleshooting so you can see what is going on. To see this output you will however need a dedicated serial monitor console program. I started off using Putty:

which works great but upon reflection, I wanted to use something that was integrated directly into Visual Studio code. After some poking around I found this extension:

which is from Microsoft and seems to do what I needed.


You can see the output from my code above in serial monitor. Always ensure you match the output port and baud rate in the serial monitor to the device you have (here COM3 and 115200). Configuring this is very easy with the serial monitor extension.

Without much alteration, I was able to take the initial code and easily connect to my network as well as the Internet. Once connected I could ping the Adafruit Huzzah with ESP8266 from another PC in the network. A pretty painless exercise. Nice that things are becoming a little easier now I’m becoming familiar with this stuff.

So far, all I’ve done is use the Adafruit Huzzah with ESP8266 for output. Next, I’ll be to start taking simple input into the device by reading something like a button press and then taking action on that.

Stay tuned for details on that soon.