Need to Know podcast–Episode 296

In this latest episode I take a quick look at Microsoft Sentinel, speak to its benefits, and explain why, if you are serious about cybersecurity, you should be considering it in every environment. There is also the latest news and updates from the Microsoft Cloud. Listen along and enjoy.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-296-sentinel/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

@directorcia@twit.social

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

YouTube edition of this podcast

2023 identity security trends and solutions from Microsoft

Seamless application access and lifecycle management for multi-tenant Azure AD organizations

Skilling up on Microsoft Security, compliance, and identity: Quarterly recap

Cloud Skills Challenge

2023 End-of-Support Milestone in Microsoft 365

New Microsoft Intune troubleshooting experience

Intune remote help introduction

Combatting Risky Sign-ins in Azure Active Directory

Introducing Microsoft Teams Premium, now available

What is Microsoft Sentinel

Introduction to Sentinel

Getting Started with Azure Sentinel

PlatformIO code compiles but fails to execute when uploaded

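[Image: PlatformIO project file structure, with a red X at the root of the project and a green tick on the SRC directory]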

This is a really silly one but it tripped me up for far longer than I care to admit. In essence, the issue I was having is that I would successfully compile and upload my code in PlatformIO but for some reason it wouldn’t execute on the device. I tried many, many things, including a complete re-install of the environment to no avail.

The issue was that I was placing my code file at the root of the project file structure (where the red X is above) and not in the SRC directory (where the green tick is above). Thus, when I created a new project using PlatformIO, it created a new empty main.cpp in the SRC directory and was actually compiling that and uploading that to my device. Because this default template effectively did nothing, the device looked as though it wasn’t working.

Without knowing this, I had created my code in a file, also called main.cpp, but at the root of the project structure that was never being compiled and uploaded! D’Oh!

Once I had my code in the main.cpp file in the SRC directory, it uploaded and executed on the device as expected. I probably should have read the PlatformIO documentation first:

PlatformIO IDE for VSCode

alas, I didn’t and thereby wasted hours trying to work out what was wrong! I’m glad that I’ve now worked it out and I’m sharing just in case someone else has the same issue, as I did spend heaps of time searching for a solution and found none that pointed out my error of file location.

Need to Know podcast–Episode 295

Aside from the usual update from the Microsoft Cloud I tackle a listener question about the methodology of staying up to date with technology. I think the question is more about what NOT to do than what to do. Success is a system and a key factor in being successful in business is saying NO more than saying yes. In this episode I’ll give you some tips for creating a system to keep you current with the Microsoft Cloud.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-295-staying-up-to-date/

This episode was recorded using Microsoft Teams and produced with Camtasia 2022.

Resources

Using MSPs to administer your cloud services

SC-900 free practice tests

The new Sentinel incident experience is here!

A Look at Different Options for Storing and Searching Sentinel Archived Logs

How to run a Windows 11 VM on Hyper-V

Update on Stream (Classic) retirement: Last day of service set for Feb 15, 2024

Microsoft 365 Defender – Monthly news – January 2023

Centrally manage permissions with the Microsoft 365 Defender role-based access control (RBAC) model

Protect your sensitive data against malicious apps

Microsoft Entra: 5 identity priorities for 2023

IPv6 Coming to Azure AD

Microsoft Defender for Endpoint: The Ultimate Solution for Endpoint Security

Microsoft Defender for Endpoint: The Ultimate Solution for Endpoint Security

In today’s digital world, endpoint security is more important than ever. With the rise of cyberattacks and malware, it’s essential to have a robust security solution in place to protect your business from potential threats. One of the best options available is Microsoft Defender for Endpoint. In this blog post, we’ll take a look at the benefits of using Microsoft Defender for Endpoint to secure your business.

  1. Real-time protection: Microsoft Defender for Endpoint provides real-time protection against malware and other threats. It uses advanced threat intelligence to detect and block malicious activity, keeping your business safe from harm.

  2. Cloud-based: Microsoft Defender for Endpoint is a cloud-based solution, which means it can be accessed from anywhere with an internet connection. This makes it easy to manage and monitor your security, even when you’re on the go.

  3. Easy to use: The user interface of Microsoft Defender for Endpoint is simple and easy to navigate. This makes it easy for even the most non-technical users to manage and monitor their security.

  4. Automated security: Microsoft Defender for Endpoint automates many of the security processes, such as malware scanning and vulnerability assessments. This helps to reduce the risk of human error and ensures your security is always up-to-date.

  5. Integration with other Microsoft products: Microsoft Defender for Endpoint integrates seamlessly with other Microsoft products, such as Office 365 and Azure. This allows for a more comprehensive security solution, as well as improved collaboration and productivity.

  6. Advanced threat protection: Microsoft Defender for Endpoint offers advanced threat protection, including behavioral-based detection, machine learning, and ransomware protection. This provides an extra layer of security to keep your business safe from even the most sophisticated attacks.

  7. Compliance and regulatory standards: Microsoft Defender for Endpoint can help you meet compliance and regulatory standards, such as HIPAA and PCI-DSS. This can help to reduce the risk of fines and reputational damage caused by non-compliance.

In conclusion, Microsoft Defender for Endpoint is an excellent security solution that offers real-time protection, cloud-based management, easy usability, automation, integration with other Microsoft products, advanced threat protection and compliance and regulatory standards. It is essential for any business looking to secure their endpoints. By using Microsoft Defender for Endpoint, you can rest assured that your business is protected from potential threats and that you are meeting compliance standards.

———————————————————————————————

If you have read this far, then you’ll really know that this post is about ChatGPT rather than Microsoft Defender for Endpoint.

This is what I asked ChatGPT to do:

write a blog post on the benefits of Microsoft defender for endpoint

It can also generate code, like the response to:

create a powershell script to connect to Exchange online

to which it gave me:

Here is a basic PowerShell script that can be used to connect to Exchange Online:

    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session

This script will prompt the user to enter their Exchange Online credentials, and then create a new PowerShell session using those credentials. It will then import the session, allowing you to run Exchange Online cmdlets. You can then run command specific to your needs like, getting mails, setting mailbox etc.

It is important to note that in order to run this script, you will need to have the Exchange Online PowerShell module installed on your machine. Also, make sure that you have the necessary permissions to access the Exchange Online instance.
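For comparison, here is an added example (not part of the original post and not ChatGPT's output) that makes the same connection with the ExchangeOnlineManagement module and modern authentication. The generated script relies on `-Authentication Basic`, which Microsoft has since retired for Exchange Online. The account name below is a placeholder.

```powershell
# Added example: connect to Exchange Online with modern authentication.
# Assumption: the UPN below is a placeholder; replace it with your own admin account.
$upn = 'admin@contoso.onmicrosoft.com'

# Connect-ExchangeOnline ships in the ExchangeOnlineManagement module.
if (-not (Get-Module -ListAvailable -Name ExchangeOnlineManagement)) {
    Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser
}
Import-Module ExchangeOnlineManagement

try {
    # Interactive sign-in: MFA and Conditional Access policies are enforced,
    # and no password is ever held in a script variable.
    Connect-ExchangeOnline -UserPrincipalName $upn -ShowBanner:$false -ErrorAction Stop

    # Verify that a session really exists before doing any work
    # (Get-ConnectionInformation requires module version 3 or later).
    $connection = Get-ConnectionInformation
    if (-not $connection) {
        throw 'No active Exchange Online connection.'
    }
    Write-Host "Connected as $($connection.UserPrincipalName)"

    # Small read-only query to confirm the cmdlets are available.
    Get-EXOMailbox -ResultSize 5 |
        Select-Object DisplayName, PrimarySmtpAddress
}
finally {
    # Always close the session so no token-bearing connection is left open.
    Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
```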

Of course none of these answers are ‘perfect’, however they are surprisingly good and will be for many a great time saver. If you ask people what the toughest part of any process is, most will say that just getting started is. So using ChatGPT to at least handle this task should make it far easier to kick off any process. Best of all? You can do that today!

The interesting thing for me is that at the moment ChatGPT is just a stand alone chat style question and answer application. However, what happens when it starts being integrated with other services via API calls? What happens when the power of ChatGPT increases and improves?

If you have been at this IT ‘stuff’ for as long as I have you’ve seen many ‘revolutions’ and ‘this changes everything’ moments, many of which didn’t pan out. If nothing else, I think ChatGPT has lifted consciousness about AI and what it can potentially do to the wider population audience (i.e. muggles). What happens after that is the interesting part. Will that ‘enlightenment’ kick ChatGPT to the next level or will it fade back into the shadows to be reborn again in the future? Only time will tell.

However, I think that if you are interested in seeing where ChatGPT could go then start using it as I have and exploring the possibilities. I can honestly say it has helped me commercially (this blog post is a good example, even the part ChatGPT didn’t write for me). The best way to sum it up at this stage is:

We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten. Don’t let yourself be lulled into inaction. – Bill Gates

Who knows? In a short while maybe I can automate ChatGPT to do all my blog posts and you’d never be the wiser!

My Tech Books – 2023

Tech is as much a lifestyle choice these days as it is a career. The geeks and nerds have risen to rule the world. Don’t believe me? Ask Bill Gates and Elon Musk! Sometimes it is good to step back and take a wide look at how technology has changed the world we live in – for better and worse.

To see my list from last year visit – My Tech Books 2022

My selections below, both fiction and non fiction, I have found to be enjoyable and thought provoking in many different ways and I recommend them to everyone who is interested in tech.

Mentions from 2022

The Metaverse: And How It Will Revolutionize Everything – Matthew L. Ball

After Steve: How Apple Became a Trillion-Dollar Company and Lost Its Soul – Tripp Mickle

Scary Smart: The Future of Artificial Intelligence and How You Can Save Our World – Mo Gawdat

You can follow all the books, tech, business, non-fiction, etc that I read over at Goodreads. You can view my activity here:

https://www.goodreads.com/director_cia

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone? This book has become so popular that there is now a movie. Believe me, the book is better.

4. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers – Andy Greenberg [Non-Fiction]

This is a great book if you are interested in IT security. It is also a very current book which makes it even more engrossing. It is easy to read and quite comprehensive in its approach, not only dealing with the technology of security attack but also the geopolitical reasons and consequences.

It reveals the shadow world of nation state cyber attacks and illustrates how they are happening today and likely to increase in the future. The connected world of the Internet has brought us many benefits but it is now increasing risks as our dependencies increase to the point that there are few manual backups that don’t depend on technology.

I think this book is a real glimpse into the future and what we may be in store for in the event of rising global conflicts. If you like tech, you’ll love this!

5. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

6. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

7. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

8. American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here we are asked to think about whether technology plays something more than a neutral role in today’s world.

9. The Cuckoo’s Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something far more sinister.

10. This Is How They Tell Me the World Ends: The Cyberweapons Arms Race – Nicole Perlroth [Non-Fiction]

Highlights the challenges that society has created, mainly from its own doing, and questions of how we go about fixing this so we don’t end up causing infinite harm to both intended targets and unintended victims.

Microsoft 365 collaboration framework training

On February 14th 2023 I’ll be running a collaboration framework training course for Microsoft 365 environments. Training will be held remotely via Microsoft Teams. The session will be two (2) hours and run from 9am Sydney time.

The sessions will be recorded and other materials from the sessions (checklists, etc) will be available to attendees afterwards.

The aim of this training is to help you better prepare for the move to the Microsoft 365 collaboration environment utilising services such as Teams, SharePoint, OneDrive for Business, and so on. You’ll be shown a tested framework that you can use when designing a modern collaboration environment to ensure a business gets the most from their investment in Microsoft 365. You’ll also learn tips and tricks on how to implement this successfully inside a modern organisation, whether large or small. If you want to get the most from your Microsoft 365 collaboration environment, this course is for you. The price for this event will be:

Gold Enterprise Patron = Free

Gold Patron = Free

Silver Patron = Free

Bronze Patron = $33 inc GST

Non Patron = $99 inc GST

You can learn more about the CIAOPS Patron community at www.ciaopspatron.com.

I hope that you’ll join me in February for this event as I believe it will help you get the most from Microsoft 365 to improve day to day operations.

You can register your interest in attending this course here – http://bit.ly/ciaopsroi after which I’ll be in contact with you to arrange payment and get you enrolled.

As always, if you have any questions about this training please email me on – director@ciaops.com.

I hope to see you there.