All 18 of the Microsoft Cybersecurity Reference Architectures (MCRA) videos are now up!
We cover detailed technical information + context on security threats and business risk.
Share and Enjoy!
aka.ms/mcra-videos
Many thanks to my incredible co-presenters!
Follow
Mark Simos
@MarkSimos
Simplify and clarify • Cybersecurity architecture and strategy • Business + Security Alignment • Make the world better
@markasimos@infosec.exchange
aka.ms/markslistJoined July 2016
Mark Simos’s Tweets
Thanks for sending the author's copy of our SC-100 book. Looks great!!
Awesome project with and Gladys
4
5
44
We'll be doing another Twitter space next week focusing on upgrading from Server 2012 R2. What level are your Domain Controllers at? If you just let out a sigh, click the link below to get notified when the space starts. twitter.com/JefTek/status/
This Tweet is unavailable.
2
7
11
Talking to board members about security?
I shared some insights for engaging with boards on cybersecurity topics on Security Experts Roundtable (and also learned a few things from the awesome hosts and the amazing Myrna Soto)
learning.eventbuilder.com/SecurityExpert
2
12
Happy New Year! Ep 69 is out: we talk with Adrian Diglio about Secure Software Supply Chain and Software Bill of Materials or SBOM. We also discuss the Azure Security news. goes over MCRA, Immutable Laws of Cybersecurity and Security Architecture Design.
2
2
This Tweet is unavailable.
5
12
Announcement of Linux device isolation support in MDE
13
31
Ann Johnson guest stars on the MSI Show this week. Please don't miss it. I promise it will be a great conversation.
#microsoftsecurityinsights #microsoft #cybersecurity lnkd.in/ewbwvZkn
2
5
This chart puts the layoffs versus recent hiring into some broader context:
Yahoo Finance via
7
120
225
Show this thread
Microsoft continues to improve accessibility in Windows and beyond.
This is really an under-appreciated feature. twitter.com/JenMsft/status
This Tweet is unavailable.
1
3
5
Great new blog that focusses on deployment and integration of Microsoft Defender for Endpoint with Microsoft Defender for Servers on Linux machines.
13
40
The mission of Security Operations is to reduce organizational risk by limiting the attacker dwell time (how long attackers can access business assets) through rapid detection and response.
From a new workshop (follows the CISO Workshop - aka.ms/CISOWorkshop)
2
8
32
We know cyber criminals and nation state actors use legitimate remote monitoring and management software as backdoors. Pay attention and lock them out. Advisory below with our partners at . twitter.com/CISAgov/status
This Tweet is unavailable.
6
38
78
Fascinating read
Quote Tweet
Our appetite seems to be largely driven by our need for protein, and this is the nutrient that is lacking in ultra-processed foods, so we eat more of it. Could this be behind the rising obesity? buff.ly/3Xwqfji HT @DocGrawitch
1
3
The curse of knowledge and how that leads to lack of empathy for those who don't know what you do. Super relevant in software design.
3
48
124
Stop attacks in their tracks. Get actionable guidance to implement policies and rules. Start with this Cloud Adoption Security Review assessment. youtu.be/svtY5SxztFs #AppArchitecture
6
18
begging people to stop romanticizing the pre-industrial era
454
4,500
19K
Show this thread
My mom sent me some papers that belonged to my grandfather, Darwin Randall Crum, which included a collection of “Disfrustrating Puzzles” he created
392
9,272
79.4K
Show this thread
Working in tech does not mean that you have to work at a tech company. All these tech companies doing layoffs affects your chances of working at THOSE companies, not others. Beauty brands have tech teams, food companies have tech teams, like there are so many other options lol
27
510
2,023
Do you firewall and forget your most valuable/fragile resources?
Or do you have complete people/process/tech approach to protect isolated assets? (document & protect OT vendor maintenance, scan laptop/USBs, connection reviews, etc.)
From the MCRA - aka.ms/MCRA
2
8
Sharing this message from
1
10
8
Monitoring SAP for security attacks and risks?
Microsoft Sentinel solution for SAP just added five new rules focused on file Downloads from Malicious IP Address, Sensitive data printed, exported, or saved to USB drive)
More details at techcommunity.microsoft.com/t5/microsoft-s
5
11
Loving these immutable laws of security - a lot of people don't even know that something like this exists.
Make sure you consider these when you're designing your architectures and building your environments - they could make the difference!
1
26
79
Timeline cleanser - have a seat on the bench and relax
1
11
I've been thinking a lot lately about importance of rapid response early in attack cycle as attackers enter (phishing email, endpoint compromise, user account credential, etc.).
I put together this list of attacker options
Did I miss anything? any other feedback?
5
9
28
This is a fantastic Microsoft mechanics video on how to securely architect and develop applications using Zero Trust principles.
Please share this short 13-minute video with your colleagues in application/product teams, IT, and security!
27
54
Just recorded my segment for the security experts roundtable! :-)
Quote Tweet
0:38
The Security Experts Roundtable launches January 25th.
Join us for candid conversations and insight from industry experts on impactful security topics: msft.it/6012eWpAY #MSFTSecurityExperts
1
13
Forgot to add the picture :-)
1
2
Show this thread
Looking to assess your security program and strategy against Microsoft's recommended best practices?
The Cloud Adoption Security Review just went live!
This assessment is based off of the Secure methodology of the Cloud Adoption Framework (CAF).
2
36
94
Show this thread
Updated "golden configuration" guidance for Microsoft 365 security just went live from
This is an awesome reference for configuring Conditional Access and Intune policies
Share and enjoy!
46
122
Recently created a slide based on a blog post from a few years back on Zen and the Art of Threat Hunting.
Thoughts? Feedback?
microsoft.com/security/blog/
6
13
Are your technology and security departments enablers of your mission and business? or disablers?
"Don't let the fear of the time it will take to accomplish something stand in the way of your doing it. The time will pass anyway; we might just as well put that passing time to the best possible use."
~Earl Nightingale
2
2
22
As folks are doing their next CY planning, if you have 'migrate off ADFS' on your list, we have several free workshops in the next week of Jan 23rd friendly to different time zones. You can register at techcommunity.microsoft.com/t5/community-e. I'll be attending the Americas session w/
1
22
30
Happy 2 year anniversary to when I was sleep deprived and decided to post this at 2 am on New Year’s Day
1,284
49.3K
422.7K
Show this thread
Simplest and best tribute to exemplify the Barbara Walters legacy :
On her final show on The View, they just brought one female journalist after another to honour her. All ages, races, from NBC to FOX, to say thank you. She’s completely overwhelmed and touched.
704
12.3K
56K
Insightful read on SWA meltdown
Quote Tweet
From a SW pilot. Good take.
This line is great, and applies to all industries all of the time.
“There was little investment in upgrading technology (after all, how do you measure the return on investing in infrastructure?)”
H/t @octal
facebook.com/larry.lonero/p
Show this thread
1