Practical Windows Security

Russell Tomkins - Microsoft Premier Field Engineer

Introducing Project Sauron - Centralised Storage of Windows Events - Domain Controller Edition

(Nearly) every customer I visit is lacking comprehensive security auditing in their downlevel DEV...

Author: Russell Tomkins [MSFT] Date: 05/09/2017

Creating Custom Secure LDAP Certificates for Domain Controllers with Auto Renewal

Working with customers each week on securing their Active Directories, there are some procedures you...

Author: Russell Tomkins [MSFT] Date: 06/03/2016

Understanding and Remediating "PASSWD_NOTREQD"

In my previous post on querying the userAccountControl attribute, I noted one of the flags I want to...

Author: Russell Tomkins [MSFT] Date: 05/26/2016

Creating Custom Windows Event Forwarding Logs

You may have noticed recently that we Microsoft security people have kind of fallen in love with...

Author: Russell Tomkins [MSFT] Date: 05/18/2016

CRL Freshness PowerShell cmdlet

Overview One of the critical functions of running a healthy PKI is ensuring that certificate...

Author: Russell Tomkins [MSFT] Date: 04/29/2016

Querying UserAccountControl Configurations

One of the checks we perform as part of our AD security assessments is looking for security...

Author: Russell Tomkins [MSFT] Date: 01/27/2016

Identifying Clear Text LDAP binds to your DC's

If I told you that there was a 90% plus chance that your Domain Controllers allowed...

Author: Russell Tomkins [MSFT] Date: 01/13/2016