Hardening: Using LGPO to enforce non-Intune supported settings on AAD devices. ACSC example.

There are a number of security baselines out there for Windows clients: Microsoft, CIS, NIST and ACSC, to name a few. These baselines focus mainly on domain-joined Windows clients; however, Microsoft do also release security baselines targeted at Intune/AAD-only clients through their Intune Security Baselines. The reason Microsoft release separate baselines for AAD vs. AD …

Defense in Depth: Hardening clients against malware deployment by disabling unused Group Policy CSEs

This is an idea that came off the back of a customer being hit with ransomware. The deployment method used by the attackers was simple: They got domain admin and then proceeded to create a GPO that deployed the ransomware over a weekend using Group Policy Software installation. By Monday morning, over 10k clients and …