Security Stuff

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Monitoring your network and gathering massive amounts of data has become easier and easier. Many...

Author: Jessica Payne (MSFT) Date: 12/08/2017

When the manual is not enough - runas /netonly, Unexpected Credential Exposure and the Need for Reality Based Holistic Threat Models

One of the things I always advocate for IT Professionals/Defenders is that versus letting...

Author: Jessica Payne (MSFT) Date: 04/04/2016

Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

I did a guest post over on the Ask PFE Platforms blog about the Local Administrator Password...

Author: Jessica Payne (MSFT) Date: 12/28/2015

Tracking Lateral Movement Part One - Special Groups and Specific Service Accounts

Lateral Movement - the moving of an attacker from one compromised host throughout your domain until...

Author: Jessica Payne (MSFT) Date: 11/26/2015

Monitoring what matters - Windows Event Forwarding for everyone (even if you already have a SIEM.)

Last week at Ignite Australia I presented a session (available here) on something I don't think...

Author: Jessica Payne (MSFT) Date: 11/23/2015

What should I know about security? The massive list of links post.

I maintain a list of links I call "security stuff every Microsoft customer should know" that I send...

Author: Jessica Payne (MSFT) Date: 11/20/2015