All Categories: cybersecurity(26) sc-100(19) azure(15) microsoft(13) certification(9) productivity(6) fortinet(3) linux(3) edgevolt labs(3) marvel(2) iot(2) python(2) shell(2) artificial intelligence(2) ubuntu(2) roku(2) zero trust(2) the drive on 17(2) marvel move(2) fortigate(2) ssh(1) movies(1) soccer(1) listening(1) authentication(1) image(1) playlist(1) cli(1) negative index(1) programming(1) scripting(1) music(1) traffic on 17(1) edgevolt radio(1) jks(1) pfx(1) michael hyatt(1) budgie(1) key vault(1) security workflows(1) nist(1) microsoft graph(1) verified id(1) registry(1) mcsb(1) workload security(1) azure blueprints(1) azure landing zone(1) azure monitor(1) conditional access(1) debian(1) cwpp(1) cpsm(1) miscellaneous(1) guardians of the galaxy(1) movie reviews(1) bookmarks(1) monster hunter now(1) logitech(1) fcp(1) owasp(1) appsec(1) routing(1) ecmp(1) governance(1) java(1) deus ex(1) cooking(1) metasploit(1) developer notes(1) recipes(1) fitness(1) videogames(1) training(1) containers(1) home

Security Certification Roadmap

December 14, 2023

Wow! Check out this awesome cybersecurity security infographic by Paul Jerimy. Original source here.

Silvrback blog image

Posted in: certification cybersecurity

[SC-100] Conditional access "what if" tool

More security controls in the market need a feature like this.

August 16, 2023

I'm digging the "What If" tool in Azure Conditional Access component. The idea is simple: as you're building policies, you can throw various scenarios at the policy engine to understand what the heck it'll do.

This gives admins the opportunity to observe effects and perhaps test variations of authentication use . . .

[SC-100] Azure Blueprints vs Azure Landing Zone

August 13, 2023

This was another topic that was a little confusing: what's the difference between Azure Blueprints and Azure Landing Zone?

I came across various Microsoft documentation but it was still a little... vague.

Here's a nice table, provided courtesy of Google Bard:

sb_float_center

(usual disclaimer about AI-provided . . .

[SC-100] Defender for Cloud - Recommendations vs Alerts vs Vulnerability Assessment

August 13, 2023

Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:

"Security Recommendations"
"Alerts"
"Vulnerability Assessment"

What's the difference though? Just for the heck . . .

[SC-100] MCSB Compliance Control Overview

August 12, 2023

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

[SC-100] Conditional Access frameworks, policies, and naming conventions

August 09, 2023

OK, OK, so it may not necessarily be the most interesting topic...

Nevertheless, I think this article from Microsoft on Conditional Access framework and policies is an important one.

Of particular note, there's a section on naming conventions and how to develop/establish a system that scales well for designating . . .

[SC-100] Simplified explanation of technical response to incidents

August 05, 2023

While perusing a study guide for SC-100 exam, I came across a really nice and succinct explanation for technical response. It's one of my favorite quotes now:

(...) there are two key goals that every incident response should aim to address from a technical perspective. The first is identifying the scope of the attack (...) . . .

← Previous 1 2 Next →