Thank you! will give it try but will also recommend signing scripts

Thank you!
But wouldn't the execution itself be subject to the restriction? Meaning the command to set it as unrestricted will not even be evaluated because it is in effect restricted or am I wrong?

How would you handle using Intune remediation scripts in an env where there's a GPO that sets the powershell execution policy to Restricted. Is there a way to only allow IME?
Any thoughts @nathanmcnulty.com

Yes please 🙂

You're right and I will use "one incident is more expensive"!
My biggest concern is that the allow personal devices is implicit and for everyone regardless of what they access
Going to propose a deeper review based on criticality
Thanks again! I knew I needed your opinion🙂

Agreed, but how would you handle a customer with thousands of users that travel constantly, are not issued a corp device and rely on M365 and custom apps to work?
I am still trying to convince them to do MAM

This was a fun question, and I think it might be helpful for others to show how I researched it

To start, I already knew this wasn't exposed in data exported by diagnostic settings or anything we could query with KQL, but that would have been a good first place to check :)

I use the ZSA Voyager, have been for over a year and I cannot go back. It is worth it to go through the learning curve of proper typing. And to taje the time to configure shortcuts and layers, especially to replace the mouse
I do not use a mouse anymore it it has help greatly with shoulder pain.

Hmm this is a good lead to follow! need to go check thanks again 😊

So I checked the folder and for the issue servers there's nothing special. Comparing to the only server there are Jason files missing related to the policies
I have an open ticket with support.I am at loss here hopefully they'll be able to help😊

Check out my Azure workbook, "Storage Account Security Posture" on GitHub github.com/laythchebbi/...
It provides an overview of security configurations for storage accounts in your Azure environment.
#azure #security #workbook #microsoft #storageaccount

Could you please repost the link it is giving a 404

Thank you for the tip will check the folder and report back

Yes all is correctly created group targeted MDE ClientAnalyser not showing any issue servers are 2016 (and thank you)

@nathanmcnulty.com
Please I some #MDE help, servers are onboard and show in defender portal as managed by MDE AV policies set via Intune are not being pushed no error or conflict just nothing and its not a comm issue btw MDE and Intune any ideas?

"He who has the 'why' to live can bear almost any 'how' *

@shiroishi.bsky.social do you do commissions?

nathanmcnulty/Intune/auto-update-eac-apps.ps1 at master · nathanmcnulty/nathanmcnulty Contribute to nathanmcnulty/nathanmcnulty development by creating an account on GitHub.

I realize hardly anyone is using Enterprise App Catalog yet, and this may eventually be built in... but it was bugging me that apps don't automatically update to the latest version available :-/

So I created an automation to do just that! 🤓

github.com/nathanmcn...

Shameless self-promotion of my blog 🚨

I write about #Terraform, #Boundary, #Vault, #Azure, #AWS, and other things and technologies I find interesting!

Highly recommended by me (🔟 out of 🔟) and at least one other person who clicked the "Buy me a coffee button". Thanks Eric! 🙏

mattias.engineer

The Answer is your question Andrew your are a community person 🙏

Azure Infiltrated: How Attackers Exploit Misconfigured Environments to Breach Data and Cause Damage Introduction Cloud computing has become increasingly popular among enterprises, corporations, and individuals, providing an easy way to deploy projects without the need for infrastructure maintenance,...

Ever wondered how attackers exploit misconfigured Azure environments? I've created a step-by-step lab to show exactly how breaches happen and how to prevent them!
Read now 👉 laythchebbi.com/index.php/20...
#azure #cloudcecurity #microsoft #cyberchreats #cyberSecurity #datasecurity #infosec

Finding out that #NeveGallus in #DragonAge #TheVeilguard was voiced by non other than Jessica Clark!
There. I rest my case.
#TeamNeve

Just finished #DragonAge #TheVeilguard what am emotional journey. My withdrawal is going to be tough. Thank you @briannebattye.bsky.social for writing such a great storyline and making me fall in love with #NeveGallus

I do not like the new #Teams chat experience one bit! It is messed up! I dislike how all messages in the thread are aligned left!

And I think we have a winner!

I think I like Streak!

Here's the new good boy looking for a fitting name #Caturday

Privilege escalation using Azure Service principal Introduction In Microsoft Azure, the management of access and permissions is critical for maintaining a secure environment. Azure Service Principals serve as non-human identities that allow applicatio...

In this blog post i breaks down how attackers can exploit and abuse service principals and what you can do to defend against it.
Check it out here:
laythchebbi.com/index.php/20...
#AzureSecurity #PrivilegeEscalation #OffensiveSecurity #CloudSecurity #Cybersecurity

The link does not work if you could cleck please

Genuine question: Bluesky being open source and all how do they monitize the platform? How do they pay for hosting de maintenance etc?