Posts by Philip Marsh

@microsoft.com #Documentation #tracker has had an #update!
- Direct commit tracking
- Improved RSS
- #CVE Explorer
- Improved #Accessibility
- Update to #Vue and #Astro
- Improved #mobile UI
And more!

Got a #feature #request? Let me know down below! 👇

docstracker.marshsecurity.org

3 days ago 1 0 0 0
ALT: a fireworks display with the words happy new year written below it

A very happy #newyear to all!
As I reflect back on 2025, and a year of great achievements both personal and professional, I would like to thank the community for their support, and for those of you who have helped me to recognise my potentials and dreams.

You the bestest 🫡

3 months ago 1 0 0 0

Never easy mate…
Hope all is as well as can be 💜

3 months ago 1 0 1 0
Sentinel Saturday - Using Tasks with Automation Automation is one of the biggest ways to improve output and productivity within Microsoft Sentinel. When used well, it cuts repetitive work, reduces response times, and keeps your SOC running smoothly...

New blog post live for my Sentinel Saturday series!
Read the blog 👉 marshsecurity.org/sentinel-sat...

In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.

#Blueteam #Microsoft #Sentinel
#MicrosoftSentinel #CyberSecurity #SOCAutomation

4 months ago 1 0 0 0

V1.1 now released!

- Support for tracking Purview changes
- Ability to track multiple repositories
- Ability to generate RSS feeds
- Corrected a bug causing API errors
- Improved speeds
- Pull correct data instead of "repo sync"
- Added a "Last Updated" footer

5 months ago 1 0 0 0
This week’s #SentinelSaturdays covers how to write leaner, faster, more efficient KQL queries with practical examples you can use today.

#microsoft #sentinel #cybersecurity #cyber #security #tips #guide

🔗 Read the full walkthrough here: marshsecurity.org/sentinel-ski...

5 months ago 2 0 0 0
🚀 Introducing... #Microsoft #Docs Tracker!

It can often be difficult to keep up-to-date with the constant changes of Microsoft #documentation. Track documentation updates across the entire #MicrosoftDocs #GitHub organization in one place, with ease!

🔗 Try it here: docstracker.marshsecurity.org

5 months ago 1 0 0 1
Protecting against ClickFix with the Microsoft Stack Introduction With the growing rise of cyber attacks, and the increased detections and awareness on the back of this, cyber attacks are constantly looking for creative ways to execute code on endpoint...

ClickFix is emerging as a crafty threat. My latest post cuts through the noise, showing how you can defend using Microsoft tools.

🛡️ Read it here: marshsecurity.org/protecting-a...

#CyberSecurity #ZeroTrust #MicrosoftSecurity #ClickFix #Defender #Sentinel #SecOps #InfoSec #ThreatProtection

5 months ago 0 0 0 0
Restoring Microsoft Entra Conditional Access Policies Microsoft have now added the ability to restore Conditional Access Policies which have been deleted in Microsoft Entra. This is really useful for inadvertent deletion scenarios. In this blog, we will...

#Microsoft have now added the ability to #restore #conditionalaccess #policies in Microsoft #Entra.
To do this, you will need to have the Conditional Access Administrator role activated.

Find out more in my latest #Blog post: marshsecurity.org/restoring-mi...

6 months ago 0 0 0 0
Protecting against Email Bombs with Microsoft Tooling As the world becomes more and more connected, and digital technologies continue to evolve, email remains a critical tool for communications both for individuals and for commercial use. Email security ...

#mailbombing can be a very serious #cyberthreat - These can be used to hide more nefarious activity or be leveraged by attackers as part of a wider campaign.
Find out more, and how you can protect and detect these with #Microsoft tooling in my #blog: marshsecurity.org/protecting-a...
#cybersecurity

6 months ago 0 0 0 0
Application Control - Part 1 - The dangers of allowing software ℹ️This blog post is part of a series of posts that delve into Application Control on Windows. This series will explore the risks involved in not controlling applications, as well as the ways in which ...

🚨 #infosec Pros: Are you really in control of what runs in your #Windows estate?

Learn how to assess what #software is in your estate, and what gotchas to watch out for on part one of your #app control journey!

Read the full post 👉 marshsecurity.org/application-...

#cyber #security #microsoft

11 months ago 0 1 0 0
ALT: a picture of mario with the words sounds like a skill issue above him
1 year ago 0 0 0 0

“Skill issue m8”

1 year ago 0 0 1 0

This can then be used to #block or #allow #software in #Microsoft #Defender - providing additional security on top of App Control for business ( #WDAC )
I will have a blog post coming on App Control for Business, so keep your eyes peeled!

1 year ago 1 1 0 0
Inspired by the amazing resource of @devfender.bsky.social (github.com/jkerai1/Soft...), I created a #Github #Actions workflow allowing users to raise an issue using a form template. The action then extracts the certificate and commits it back to the #repo, updating the README file.
#cybersecurity

1 year ago 0 1 1 0
Cyber companies (love) this one simple trick!

1 year ago 1 0 0 0

Having issues deploying #microsoft #edge extensions across multiple #configuration profiles.

We are trying to split the “silently install extensions” across 1 config per extension (easier management) but once one is applied, others say there is a conflict.

Does anyone know if this is possible?

1 year ago 1 0 0 0
In my latest #blog I explore the wonderful world of #docker and how to ensure a #securityfirst implementation.

#cyber #security #homelab #technology

Read more:
marshsecurity.org/securing-doc...

1 year ago 1 1 0 0

Couldn’t agree more!

1 year ago 0 0 0 0
Security-Scripts/Endpoint/NetBIOS&LLMNR at main · Marshyp/Security-Scripts Scripts for general Cyber Security functions/tasks - Marshyp/Security-Scripts

After discovering that NetBIOS settings aren’t available in #intune #settings, I have created a #script to disable this and will have to look into a #compliance #policy to ensure that this is disabled across the estate.

I have shared my #netbios and #llmnr script here:

github.com/Marshyp/Secu...

1 year ago 0 0 0 0

This is always a very good point.
The update installer should be checked against tools like VirusTotal, the update should then be installed on isolated devices and checked for telemetry before staged rollout and testing.

Also ensure you have a baseline. What do you EXPECT the software to do?

1 year ago 1 0 0 0

More features coming soon on this!
Big thanks also go to @devfender.bsky.social for the recommendation of the VirusTotal integration. (Apologies, forgot to credit after hitting the character limit).

Thanks to everyone for their support!

1 year ago 1 1 0 0

Huge thanks go to Jonas Bogvad for his assistance on this project.
It was great fun collaborating our ideas and hashing this one out!

1 year ago 0 0 0 0
GitHub - Marshyp/Soteria: Soteria is an automated tool for testing software and creating WDAC policies around the software. This project is currently a WIP

After a chat in the #Microsoft #EMS server, I decided to build an automated app tester using WSB.
This solution obtains hashes and pushes the installer to VirusTotal for checking

Check it out here: github.com/marshyp/sote...

#secops #cybersecurity #devops #cyber #powershell

1 year ago 1 0 2 0
Backing up Docker volumes with ease We all know that it is important to ensure that our services and systems are regularly backed up. Recently, I have had a number of people asking about backups for Docker volumes - particularly with re...

Exploring automating #docker backups to GitHub, retaining historical backups of containers, volumes and compose.yml files for #automation #devsecops #cyber #cybersecurity

Read my blog here: marshsecurity.org/backing-up-d...

1 year ago 0 1 0 0
DNS Protection with NextDNS It's always DNS. Even when it's not. The issue As we know, the internet is full of potentially malicious sites, which our users, families and significant others can navigate to at any moment. It is...

Exploring how to bring #cybersecurity closer to home with DNS (Yes, it's always DNS) using NextDNS for an easy win.
Read more: marshsecurity.org/dns-protecti...
With thanks to @devfender.bsky.social for the push to blog!

1 year ago 3 1 0 1