3 results

And this is exactly the stuff that CoreView's free Microsoft three six five security posture check tool is designed to sniff out. It's the drift, the exceptions, the little permissions you stopped looking at because, well, you assumed they were fine. And the spoilers is that they're often not. It's free. It runs locally on your own machine. It does not send your tenant data back to CoreView or anyone else for that matter. And if you'd like a hand setting it up, their team will happily walk you through it. So all you've got to do is visit smashingsecurity.com/coreview to download your free copy of the tool. And even you will be able to answer the question, how secure is your Microsoft three six five tenant? And thanks to core view for supporting the show.

This episode is sponsored by Drift Mattress, the only bed I'll recommend for anyone trying to make mornings less brutal.

Right. Before we go any further, ThreatLocker is one of our sponsors this week, and they want to talk about something specific this week, Joe. They want us to talk about DAC. DAC. Is that like a duck? Well, no no, Joe. It's not like a duck. DAC, it stands for defense against configurations. I say shame. I like ducks. What does this do? Well, you know how my cyber attacks don't actually start with some sophisticated piece of malware. They start with a misconfigured setting or a drifted policy or an exposed endpoint that nobody noticed. And when you've got hundreds of endpoints, keeping on top of all that manually is basically a full time job in itself. Well, it is a full time job and it's an impossible one. So ThreatLocker built DAQ to solve exactly that problem. Every day, it runs deep checks across every endpoint in your environment, scanning operating system settings, application settings, as well as your ThreatLocker policies like allow listing and ring fencing. Every endpoint every day. Yes. Every endpoint every day. And everything that's misconfigured comes back to one dashboard categorized, prioritized with clear steps to fix it before an attacker finds it first. Exactly. And you can verify alignment across frameworks like CIS, NIST, HIPAA, ISO 27,001. So it's useful come audit time too. That's actually rather elegant. Spot the gap before someone crawls through it. That is ThreatLocker's whole philosophy, really. Don't wait for a misconfiguration to become a breach. And you, gentle listener, you can try DAC for free for thirty days at threatlocker.com.