Some time ago I came across an absolutely beautiful resource full of different types of diagrams that could be used to convey messages - think Venn diagrams and that kind of thing. I liked it, or shared it, saved in LinkedIn saved items or Twitter bookmarks. It could have been buried in favourites under my professional or personal Edge profiles, sent to Instapaper… Who knows. I can’t find it. It’s gone. Vanished into the digital ether. So I’m going to give this a go, a static page with a very straightforward set of links for stuff on the internet - blog posts, books, videos, tools and exams. I’m going to try out pasting things right into here as a centralised reading list. We’ll see how it goes!
Ransomware
- 2021 Microsoft Digital Defence Report: https://aka.ms/MDDR
- The DART guide to combatting human-operated ransomware:
  - Part one
  - Part two
  - Part three (loading, please wait)
- Azure Defences for Ransomware Attack - https://aka.ms/ADRA
- Ransomware backup plan - https://aka.ms/RansomwareBackupPlan
- 3 Steps to protect and recover from ransomware - https://aka.ms/ransomware3steps
- Human Operated Ransomware - https://aka.ms/Ransomware
- Maximise ransomware resiliency with Azure and M365: https://aka.ms/ransomware-resilience-azure-m365
- Protecting M365 from on-premises attacks - https://aka.ms/ProtectM365-fromOnPremAttack
- Deploy ransomware protection for M365: https://aka.ms/ProtectM365-Ransomware
- Azure Sentinel Fusion detection for ransomware
SECURITY ARCHITECTURE
- Security Compass – https://aka.ms/SecurityCompass
- Cyber Security Reference Architecture – https://aka.ms/MCRA
- CSRA Videos - aka.ms/mcra-videos
- Cloud Adoption Framework - https://aka.ms/CAF
Azure AD
- Secure access practices in Azure AD - https://aka.ms/SecureAccessAAD
My Stuff
- Cutting down the red forest (Stealthbits)
- Maersk, me & notPetya – https://aka.ms/MaerskMeNotPetya
- Protect identity from modern threat vectors (risual)
- Multi-Factor Authentication 2020 (risual)
Actual Books
- Tools and Weapons: The Promise and the Peril of the Digital Age (Brad Smith)
- Alice and Bob Learn Application Security (Tanya Janca)
- Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity (Marcus J. Carey)
- Functional Art, The: An introduction to information graphics and visualization (Alberto Cairo)
- Cloud Native Transformation (Pini Reznik, Jamie Dobson, Michelle Gienow)
- The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win (Gene Kim)
- The Unicorn Project: A Novel about Developers, Digital Disruption, and Thriving in the Age of Data (Gene Kim)
- 97 Things Every Information Security Professional Should Know (Christina Morillo)
- Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers (Andy Greenberg)
- Thinking, Fast and Slow (Daniel Kahneman)
- Make It Stick: The Science of Successful Learning (Peter C. Brown)
- The Subtle Art of Not Giving a F*ck (Mark Manson)
Basics
- Does Your Organization Have a Security.txt File? – Krebs on Security
- 🎬 CrikeyCon 2021 - Jess Dodson - Back to Basics, Why can’t we get this stuff right?
Community
- Join Our Security Community - Microsoft Tech Community
EVERYTHING ELSE
Security Architecture
- Microsoft cloud for IT architects illustrations
- Common attacks and Microsoft capabilities that protect your organization
- Cloud Adoption Framework - https://aka.ms/CAF
- Cloud Adoption Framework videos - https://aka.ms/CAFSecure-Videos
For the devs
- Microsoft Threat Modeling Tool overview - Azure | Microsoft Docs
- Story points: Velocity has been weaponized against agility and adaptability.
As Code
- 🎬 On Prem To the Cloud: Everything As Code
Azure Active Directory
- 🎬 425 Show: Microsoft Identity IT Pro version
- 🎬 Microsoft Mechanics: Go passwordless with FIDO2 keys and TAP
- 🎬 Stuart Kwan - Authentication fundamentals
- AAD-Auth-N-Z: Azure Service Authentication and Authorization table (Joosua Santasalo)
Azure AD Conditional Access
- Alex Filipin - Conditional Access as Code
- Thomas Naunheim - AADOps: Operationalization of Azure AD Conditional Access
- Claus Jespersen - Conditional Access Guidance
- Daniel Chronlund - Azure AD Conditional Access Policy Design Baseline with Automatic Deployment Support
Azure AD Privileged Identity Management
- PS Enable multiple roles at once
Azure AD External Identities, B2B, B2C
- 🎬 John Savill: What are Azure AD External Identities?
Azure AD SSO to On-premises resources
- The case for Azure AD Join (Ru Campbell)
- Azure AD and Windows Hello: SSO to on-premise resources – Katy’s Tech Blog (katystech.blog)
- Azure AD Join Single Sign-on: follow the key – Azure AD Stuff (stephanwaelde.com)
Azure
- Penetration testing
Zero-Trust
- A zero-trust future: Why cybersecurity should be prioritized for the hybrid working world
- 🎬 Must-see! Daniel Stefaniak: “Special Guest Mark Simos - cutting through zero trust BS” (pscp.tv)
- 🎬 Zero-Trust 1: Implementation
- 🎬 Zero-Trust 2: Identity
- 🎬 Zero-Trust 3: Endpoints and Applications
- 🎬 Zero-Trust 4: Network & Infrastructure
- 🎬 Zero-Trust 5: Data
- Microsoft Digital approach to Zero-Trust networking
Azure Stack
- Azure Stack remove network restrictions
Azure Sentinel
- 🎬 Azure Sentinel Lab Series | EP4 | 100 ways to get data into Azure Sentinel
- Azure Sentinel Fusion detection for ransomware
- Microsoft Azure Sentinel: Planning and implementing Microsoft’s cloud-native SIEM solution
- Detect intruders using a honeypot/honeytoken monitored by Azure Sentinel
- #365daysofKQL: reprise99/Sentinel-Queries: Collection of KQL queries
- How Microsoft moved to Sentinel: https://customers.microsoft.com/en-us/story/1421616410770801622-microsoft-it-partner-professional-services-azure-sentinel
Azure Security Center
- Microsoft Azure Security Center
- Automating remediations from ASC
Azure/M365
- 🧰 ./Microsoft Portals
- Dr Nestori Syynimaa: AAD & M365 kill chain
- InfosecMatter: Top 20 Microsoft Azure Vulnerabilities and Misconfigurations
Compliance
- Purview: https://aka.ms/purview
- 🎬 Learn how MIP works with Azure Purview at the Azure Data Governance digital event on September 28 - Microsoft Tech Community
Plain, vanilla Active Directory
- Dan Cards post-compromise AD checklist
SDLC
- Getting security and IR plumbed into your SDLC process Jess Dodson podcast
Learn it all
- My all-round Microsoft security guru learn list: Learn Collection
- Microsoft certs poster
- http://aka.ms/youtube/CERT
- https://learn.microsoft.com/
- https://demos.microsoft.com
- https://www.microsoft.com/ignite
- http://aka.ms/CISOWorkshop
- http://docs.microsoft.com/
- https://azsecuritypodcast.net/ - Azure Security Podcast (Michael Howard, Gladys Rodriguez, Mark Simos, Sarah Young)
- https://aka.ms/ZTGuide
- Exam AZ-500: Microsoft Azure Security Technologies
- Exam Reference AZ-500 Microsoft Azure Security Technologies
- Microsoft Azure Security Infrastructure
- Microsoft Azure Architect Technologies and Design Complete Study Guide: Exams AZ-303 and AZ-304
Become a real-life ninja
- MCAS https://aka.ms/mcasninja
- Defender for Endpoint https://aka.ms/mdeninja
- Defender for Identity https://aka.ms/mdininja
- Defender for M365 https://aka.ms/m365dninja
- Defender for Office 365 https://aka.ms/mdoninja
- Azure Sentinel https://aka.ms/asninja
- Azure Security Center https://aka.ms/ascninja
- Azure Network Security Ninja https://aka.ms/ansninja
- Azure Defender for IoT https://aka.ms/d4iotninja
- Microsoft 365 Advanced eDiscovery ninja (awaiting aka.ms)
Maersk & notPetya
- Brad Smith @ RSA Conference
- Davos 2017 CEO Report
- Former CISO Andy Jones account of the event
- CISO Andy Powell lessons learned from the attack
Digital Transformation
- 4 ways to build empathy into your processes
- The Phoenix Project
Stakeholder management
- IDSA: Identity and Access Management, The Stakeholder Perspective
Tool
- 🧰 BadBlood - fill AD with objects (David Prowe): https://github.com/davidprowe/BadBlood
- 🧰 Mermaid JS - process mapper
- Mermaid docs
- 🧰 Swimlanes.io
- 🧰 Visio Stencil for Azure icons (David Summers)
Architecture, leadership and influence
- Cross Solution Network Architectures (Nehali Neogi)
- Awesome List of resources on leading people and being a manager
- Robert Cialdini: Influence, New and Expanded: The Psychology of Persuasion
- Christopher Hadnagy: Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You
- Cognitive BIAS
- How to Create an Effective Technical Architectural Diagram
- Recommendations for Adopting a Cloud-Native Key Management Service (Cloud Security Alliance)
Mental health and wellbeing
- How To Recover From A Bad Day In 5 Minutes
The Feeds (Where I get my stuffs)
Mark Grimes Identity Top 10: https://aka.ms/identitytop10
Twitterers
The Record by Recorded Future
Anything else
The multibillion dollar market for your phones location data.