Twitter | Pretraživanje | |
Richard Gold
1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching
Reply Retweet Označi sa "sviđa mi se" More
Richard Gold 29. sij
Odgovor korisniku/ci @isidor_mon
1. EDR if you can afford it, Windows Defender if you can’t. That frees up one extra point for Powershell security measures such as Constrained Language mode: H/T:
Reply Retweet Označi sa "sviđa mi se"
Charles 28. sij
Odgovor korisniku/ci @drshellface
Host isolation!
Reply Retweet Označi sa "sviđa mi se"
Richard Gold 29. sij
Odgovor korisniku/ci @maxdose_
If you can do it via Private VLANs, then great. If not, Windows Firewall can do it.
Reply Retweet Označi sa "sviđa mi se"
Russ 29. sij
Odgovor korisniku/ci @drshellface
Lots of cross over with ACSC guidance 👌🏻
Reply Retweet Označi sa "sviđa mi se"
Richard Gold 29. sij
Odgovor korisniku/ci @rustla
Indeed: :-) I’m a big fan!
Reply Retweet Označi sa "sviđa mi se"
Kevin Bryant 29. sij
Odgovor korisniku/ci @drshellface
What do you suggest for automatic defanging of documents?
Reply Retweet Označi sa "sviđa mi se"
Richard Gold 29. sij
Odgovor korisniku/ci @CyberScapegoat
Some kind of email filtering gateway or cloud service. There’s a few options out there!
Reply Retweet Označi sa "sviđa mi se"
Blackfire 29. sij
Odgovor korisniku/ci @drshellface
Wonder what the Linux variation would be
Reply Retweet Označi sa "sviđa mi se"
Richard Gold 29. sij
Odgovor korisniku/ci @Blackfi21021372
Panic? :-(
Reply Retweet Označi sa "sviđa mi se"
Dillon Korman 29. sij
Odgovor korisniku/ci @drshellface
What do you mean by automatic defanging of documents?
Reply Retweet Označi sa "sviđa mi se"
Richard Gold 29. sij
Odgovor korisniku/ci @dillonkorman
Turning MS Office documents into PDFs, for example.
Reply Retweet Označi sa "sviđa mi se"