Matthew Armitage
@mcsamatt.bsky.social
Microsoft Security, Identity and Systems Management nerd. Also enjoy home automation and tinkering with machines. FIDO auth FTW!
Reposted by Matthew Armitage
I think Cryptomator is available in the UK. If you know similar software feel free to comment.
cryptomator.org/for-individu...
cryptomator.org/for-individu...
Cryptomator - Cryptomator
Cryptomator is an open-source encryption tool for secure cloud storage. Protect your privacy for free on Dropbox, Google Drive, OneDrive, and more.
cryptomator.org
February 23, 2025 at 11:14 AM
I think Cryptomator is available in the UK. If you know similar software feel free to comment.
cryptomator.org/for-individu...
cryptomator.org/for-individu...
Reposted by Matthew Armitage
Starting today you can udpate your profile in #Microsoft365 using a new and modern profile editor (replacing the #Delve experience). Go to office.com, search for your name and click on it and find the "Update your profile" button. The team is eager for feedback!
December 9, 2024 at 9:29 AM
Starting today you can udpate your profile in #Microsoft365 using a new and modern profile editor (replacing the #Delve experience). Go to office.com, search for your name and click on it and find the "Update your profile" button. The team is eager for feedback!
Reposted by Matthew Armitage
XML in LDAP teaches you to see God in a new way
December 8, 2024 at 6:58 AM
XML in LDAP teaches you to see God in a new way
Reposted by Matthew Armitage
802.1x what are you doing step bro you shouldn't be a fucking LDAP attribute
December 8, 2024 at 6:56 AM
802.1x what are you doing step bro you shouldn't be a fucking LDAP attribute
Reposted by Matthew Armitage
You're welcome
Home Updater
Did you know your home device/computer needs regular updates to stay secure? Automate your patching for over 500+ applications free of charge.
new.patchmypc.com
December 8, 2024 at 9:29 PM
You're welcome
Reposted by Matthew Armitage
Not as long as you might think :).
December 8, 2024 at 4:06 PM
Not as long as you might think :).
Reposted by Matthew Armitage
December 8, 2024 at 11:25 AM
Reposted by Matthew Armitage
Back in the day, we would compose an email, put [email protected] in the To field, "Fire me, I'm irresponsible" on the subject line, and just leave it front and centre on their screen, before 3) locking it for them.
I was eventually reprimanded for starting that trend.
I was eventually reprimanded for starting that trend.
December 6, 2024 at 5:54 PM
Back in the day, we would compose an email, put [email protected] in the To field, "Fire me, I'm irresponsible" on the subject line, and just leave it front and centre on their screen, before 3) locking it for them.
I was eventually reprimanded for starting that trend.
I was eventually reprimanded for starting that trend.
Reposted by Matthew Armitage
Reposted by Matthew Armitage
A good write up on how Credential Guard prevented an common attack. isc.sans.edu/diary/Creden.... If you haven't looked at this in a while, now is a great time to start. learn.microsoft.com/en-us/window.... Kudos to @syfuhs.net and the team for doing all the hard work on this. #infosec
December 6, 2024 at 4:33 PM
A good write up on how Credential Guard prevented an common attack. isc.sans.edu/diary/Creden.... If you haven't looked at this in a while, now is a great time to start. learn.microsoft.com/en-us/window.... Kudos to @syfuhs.net and the team for doing all the hard work on this. #infosec
Reposted by Matthew Armitage
This is pretty awesome - require PIM activation before you can RDP to a server, access a credential vault, etc.
This could even be done with approval workflow and authentication contexts to enforce very strong restrictions 🔥
learn.microsoft.com/...
This could even be done with approval workflow and authentication contexts to enforce very strong restrictions 🔥
learn.microsoft.com/...
December 7, 2024 at 8:53 AM
This is pretty awesome - require PIM activation before you can RDP to a server, access a credential vault, etc.
This could even be done with approval workflow and authentication contexts to enforce very strong restrictions 🔥
learn.microsoft.com/...
This could even be done with approval workflow and authentication contexts to enforce very strong restrictions 🔥
learn.microsoft.com/...
Reposted by Matthew Armitage
I’m a fan of adding “SC” and “ES”. Imo it makes it more versatile if changes are being made via Graph or directly in Intune.
December 6, 2024 at 1:08 AM
I’m a fan of adding “SC” and “ES”. Imo it makes it more versatile if changes are being made via Graph or directly in Intune.
Reposted by Matthew Armitage
Okay, the self-service site to get your account verified is almost ready to go.
But it's too late over here in Australia, and I'm not brave enough to hit publish on a new site and go to bed 🙈
So the plan is to launch this 👇 tomorrow!
Stay tuned...
December 1, 2024 at 12:28 PM
Okay, the self-service site to get your account verified is almost ready to go.
But it's too late over here in Australia, and I'm not brave enough to hit publish on a new site and go to bed 🙈
So the plan is to launch this 👇 tomorrow!
Stay tuned...
Reposted by Matthew Armitage
One of the highest importance things in Security is thinking as a Graph not a List. Owning Twitter doesn't get you Twitter. It gets you everything that trusts Twitter.
John Lambert, one of the seniormost Microsoft people who has his hand fighting their greatest battles.
medium.com/@johnlatwc/d...
John Lambert, one of the seniormost Microsoft people who has his hand fighting their greatest battles.
medium.com/@johnlatwc/d...
Defender’s Mindset
This is a collection of thoughts, quips, and quotes from tweets, blogs, and presentations over the years. If you find them helpful, drop me…
medium.com
December 1, 2024 at 9:35 PM
One of the highest importance things in Security is thinking as a Graph not a List. Owning Twitter doesn't get you Twitter. It gets you everything that trusts Twitter.
John Lambert, one of the seniormost Microsoft people who has his hand fighting their greatest battles.
medium.com/@johnlatwc/d...
John Lambert, one of the seniormost Microsoft people who has his hand fighting their greatest battles.
medium.com/@johnlatwc/d...
Reposted by Matthew Armitage
If, like me, you're retaining your account to prevent someone else from scooping it up, you should go delete all of these. Settings and privacy > Security and account access > Apps and sessions > Connected apps
Twitter is a sign-in identity provider too... And revoking access at Twitter or deleting your account does not necessarily break that delegation token...
I trust their security team made this happen. But it's not intrinsic.
I trust their security team made this happen. But it's not intrinsic.
December 1, 2024 at 9:22 PM
If, like me, you're retaining your account to prevent someone else from scooping it up, you should go delete all of these. Settings and privacy > Security and account access > Apps and sessions > Connected apps
Reposted by Matthew Armitage
i think i may start doing 'skytalks' on how not to get fucked when starting a company, getting investment, and building a team
there's a lot of folks in infosec and adjacent industries that have stars in their eyes and brilliant ideas, but have no idea what a bad deal looks like
there's a lot of folks in infosec and adjacent industries that have stars in their eyes and brilliant ideas, but have no idea what a bad deal looks like
November 27, 2024 at 12:59 AM
i think i may start doing 'skytalks' on how not to get fucked when starting a company, getting investment, and building a team
there's a lot of folks in infosec and adjacent industries that have stars in their eyes and brilliant ideas, but have no idea what a bad deal looks like
there's a lot of folks in infosec and adjacent industries that have stars in their eyes and brilliant ideas, but have no idea what a bad deal looks like
Reposted by Matthew Armitage
Microsoft Intune now allows you to configure Platform SSO (Single Sign-On) for Apple macOS devices. Platform SSO is an extension to the existing Microsoft Enterprise SSO plug-in that brought single sign-on (SSO) to macOS using Microsoft Entra ID accounts.
November 27, 2024 at 8:56 AM
Microsoft Intune now allows you to configure Platform SSO (Single Sign-On) for Apple macOS devices. Platform SSO is an extension to the existing Microsoft Enterprise SSO plug-in that brought single sign-on (SSO) to macOS using Microsoft Entra ID accounts.
Reposted by Matthew Armitage
"Management" asks for changing default fonts, or right-click menu's, or moving the start button are unsustainable.
Say "No".
Empower your users with training or KB's.
Stop assuming you know what every individual needs to be productive.
#SomeExclusionsApply
Say "No".
Empower your users with training or KB's.
Stop assuming you know what every individual needs to be productive.
#SomeExclusionsApply
November 27, 2024 at 3:47 PM
"Management" asks for changing default fonts, or right-click menu's, or moving the start button are unsustainable.
Say "No".
Empower your users with training or KB's.
Stop assuming you know what every individual needs to be productive.
#SomeExclusionsApply
Say "No".
Empower your users with training or KB's.
Stop assuming you know what every individual needs to be productive.
#SomeExclusionsApply
Reposted by Matthew Armitage
November 27, 2024 at 1:23 AM
Reposted by Matthew Armitage
If you like using #kql then this is an absolute must! Mark and Team did a great job with the book and applying that to doing the missions in #kc7 is just nerdy fun! Have you tried it yet?
Last week! 1 more book to go!
In November I'm going to be giving away 4 digital copies of The Definitive Guide to KQL, 1 each Friday. To enter, make a $5 donation to KC7: The Cyber Detective Game for 1 entry (givebutter.com/kc7). If you donate $10, that's 2 entries, etc. Send me the screenshot of the donation.
November 27, 2024 at 1:03 AM
Reposted by Matthew Armitage
🚪 Seamless Onboarding: Skip the ESP, Launch the Company Portal Automatically after #WindowsAutopilot, and Deliver a 5-Star Check-In Experience 🛎️
Check out the blog at @patchmypc.com how to do so!
patchmypc.com/automaticall...
#Intune #MSIntune #Companyportal #Windows #Windows11
Check out the blog at @patchmypc.com how to do so!
patchmypc.com/automaticall...
#Intune #MSIntune #Companyportal #Windows #Windows11
November 26, 2024 at 2:23 PM
🚪 Seamless Onboarding: Skip the ESP, Launch the Company Portal Automatically after #WindowsAutopilot, and Deliver a 5-Star Check-In Experience 🛎️
Check out the blog at @patchmypc.com how to do so!
patchmypc.com/automaticall...
#Intune #MSIntune #Companyportal #Windows #Windows11
Check out the blog at @patchmypc.com how to do so!
patchmypc.com/automaticall...
#Intune #MSIntune #Companyportal #Windows #Windows11
Reposted by Matthew Armitage
PLEASE RP: WINDOWS SERVER 2025 ACTIVE DIRECTORY IMPROVEMENTS PART 2…
Today, let's discuss some of the new AD Security enhancements.
Today, let's discuss some of the new AD Security enhancements.
November 26, 2024 at 3:33 PM
PLEASE RP: WINDOWS SERVER 2025 ACTIVE DIRECTORY IMPROVEMENTS PART 2…
Today, let's discuss some of the new AD Security enhancements.
Today, let's discuss some of the new AD Security enhancements.
Reposted by Matthew Armitage
PLEASE RP: WINDOWS SERVER 2025 ACTIVE DIRECTORY IMPROVEMENTS!
Windows Server 2025 AD has major improvements across the board with hardened defaults, new security features, new crypto, new forest, and domain functional levels, and much more... Today let's discuss the 32k DB page size feature...
Windows Server 2025 AD has major improvements across the board with hardened defaults, new security features, new crypto, new forest, and domain functional levels, and much more... Today let's discuss the 32k DB page size feature...
November 25, 2024 at 5:36 PM
PLEASE RP: WINDOWS SERVER 2025 ACTIVE DIRECTORY IMPROVEMENTS!
Windows Server 2025 AD has major improvements across the board with hardened defaults, new security features, new crypto, new forest, and domain functional levels, and much more... Today let's discuss the 32k DB page size feature...
Windows Server 2025 AD has major improvements across the board with hardened defaults, new security features, new crypto, new forest, and domain functional levels, and much more... Today let's discuss the 32k DB page size feature...
Reposted by Matthew Armitage
Microsoft Entra SSE Roadmap
November 21, 2024 at 4:39 PM
Microsoft Entra SSE Roadmap
Reposted by Matthew Armitage
"There is no security use case for these events and never will be. They make up about 30% of the logs we are ingesting."
"Better not drop them. Might be a compliance issue later."
*silent screaming*
"Better not drop them. Might be a compliance issue later."
*silent screaming*
One of the greatest values you can provide to an employer is saying No. To have experience to know what's important. If we don't log this thing we will have more retention of what matters MORE, longer. The real world has costs, and those have to be paid.
November 23, 2024 at 8:10 PM
"There is no security use case for these events and never will be. They make up about 30% of the logs we are ingesting."
"Better not drop them. Might be a compliance issue later."
*silent screaming*
"Better not drop them. Might be a compliance issue later."
*silent screaming*