Conditional Access
This is it! Adam and Andy are finally diving into conditional access. They give an overview on what conditional access is including different types of conditional access like user, sign-in, and device based. Stick around until the end where Adam gives a great overview on a new feature for Azure AD authentications called Continuous Access Evaluation that changes the duration authentication tokens and how they are evaluated. Documentation: Advancing Password Spray Attack Detection Continuous Access Evaluation in Azure AD is now in public preview! Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
7 Dec 202034min
Work from Home - Tips and Tricks
On this week's episode, Andy and Adam give you their tips and tricks for working from home. Having been in mature work from home company cultures, they have insights on what it was like pre and post pandemic. Enjoy! Documentation: Rework by Jason Fried and David Heinemeier Hansson Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
30 Nov 202026min
Our thoughts on Chris Krebs, Infosec Job Security, and Infosec Qualifications
On this week's episode, Andy and Adam give their thoughts on the firing of Chris Krebs, former director of CISA. They also talk about their opinions on whether a CISO should be fired after a cybersecurity breach. Finally, they discuss if people need to have technical degrees and what qualifications are required to be in infosec. Documentation: CISA's Statement on the Nov 3rd Election IT Director fired after ransomware attack Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
23 Nov 202024min
Active Directory Security with Special Guest Morgan Patzwald
This week, Morgan joins Adam and Andy on the podcast to discuss on-prem Active Directory security. They dive into administrator privileges, best practice for account creation, GPO's, and server admins. They also discuss the concept of Privileged Access Workstations (PAW). Documentation: Securing Privileged Access Privileged Access Workstations Morgan Patzwald Twitter: @morgancpatz Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
16 Nov 202036min
Single-Sign On (SSO) and Self-Service Password Reset (SSPR)
This week, Adam and Andy go over why you should think about using an Identity Provider (IDP) to onboard your SaaS apps to use SSO. They also talk about why it's really important to think about what IDP to go with prior to making a decision. Finally, they talk about SSPR and why it's important to implement this feature in your organization. Documentation: Azure AD SSO options Enable Azure SSPR Enable Okta SSPR Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
9 Nov 202031min
How did we get into information security and career progression advice
This week, Adam and Andy bring you a bonus episode where they talk about how they got into information security and offer advice on career progression in IT and cybersecurity. Documentation: Free Microsoft Developer's Environment Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
2 Nov 202043min
Ransomware protection - Part 4 - Windows 10 Security, Network Segmentation, Detection and Recovery
This week, Adam and Andy wrap up the ransomware series by first going over controlled folder access in Windows 10 security and Onedrive for Business Known Folder Move. They discuss network segmentation and go into tools and process for detection and incident response. Finally, they conclude with tips on business continuity and disaster recovery when it comes to ransomware and cybersecurity. Documentation: Controlled Folder Access Onedrive for Business Known Folder Move Azure ATP/Microsoft Defender for Identity Ransomware Decryptors Maersk NotPetya Blog Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
26 Okt 202029min
Ransomware Protection - Part 3 - Admin Rights, Email Protection, Phishing Training
This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into the concept of least privileged access and administrative rights, email protection solutions, and phishing/cybersecurity training program concepts for your company. Documentation: Exchange Online Protection Overview https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-worldwide Office 365 ATP https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/
19 Okt 202033min
