Hi folks,You need to know about a new Microsoft vulnerability. I just got the notification from MS-ISAC. I'm going to paste an abbreviated version of it for you here. At the end I'll link you to where you can sign up for these advisory notifications ...
We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using. We can send pretty much any types of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR? ...
Hi Community FolksYesterday I wrote about: "How to establish Device Trust for Android Devices with Okta by using JumpCloud's Android EMM?"Now you might wonder: Can I do the same for iOS-devices as well? Yes, certainly you can. Please refer to the art...
HelloRecently I posted about "How to establish Device Trust (managed devices) for Okta by using JumpCloud as factor for authentication?" - which enables you to make use of Device Trust Certificates from JumpCloud with Okta. But how about mobile devic...
Zero trust as a strategy is essentially to trust nothing, verify everything. A colleague and I had an interesting chat the other day where we examined how that concept applies to the intersection of device management and identity. I created a decisio...
Hi Community ,Since JumpCloud does not notify on Directory Insights logs, Directory Insights can be integrated with any third-party SIEM tool as we already know.Wazuh is a free and open-source security platform that unifies XDR and SIEM protection fo...
HiThe recent (and not so recent) news about LastPass have been - at least to me - literally horrifying. I moved out of LastPass more than a decade ago (to be precise after their security incident on May 3, 2011) and started using 1password from then ...
It's been a minute since I posted about using JumpCloud Commands for security remediations. There's a particularly nasty zero day that's been actively exploited now that involves attackers obtaining an NTLM hash (Windows password) through Microsoft 3...
We didn't do news on the IT hour, but partway through, these two nuggets of joy from bleepingcomputer poped up on my phone:IceFire ransomware now encrypts both Windows and Linux: https://www.bleepingcomputer.com/news/security/icefire-ransomware-now-e...
Hey Folks, As many of you might be wondering (or already asked ) about integrating SIEM solutions with JumpCloud logs - Directory Insights to be more specific, in order to centralise security event monitoring and management, @JuergenKlaassen had a w...
Hi everyone, I've been trying to implement Crowdstrike's SSO following the documentation that can be found in Crowdstrike's portal, and it somewhat-works. Here's what I mean:After following the steps, when clicking on the app, I get re-directed to Cr...
This news cycle has a big drop: the Biden admin's national cybersecurity strategy. A friend worked on it and had this to say: "The strategy establishes an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve...
IT professionals oftentimes talk over the requirements of small and medium-sized enterprises (SMES) with a lot of jargon. Compliance (and laws punishing data breaches) are becoming increasingly widespread, so it's understandable that it's the topic d...
Last week I went to login as an Administrator account, only to find that my TOTP code was no longer working from my iOS Authenticator app. JumpCloud said the code was not valid. After a few login attempts, my admin account is now locked. Resetting th...
Hi Folks, Pretty sure you came across this KB for enabling the full disk encryption on the root drive when installing Ubuntu, and utilising JC's Linux FDE policy to monitor the status. But how about the additional drives on the box? These are not sh...
HelloSharing a documentation here to configure JumpCloud and Okta in tandem to use JumpCloud as factor for Device Trust by using OIDC, Conditional Access Policies and Okta's Policy Engine. What it does: If you're using Okta for SSO (let's say via SA...
Friday was supposed to be an easy day off where I spent some time to help a friend set up the Microsoft Azure features that he was paying for (but not using). His firm takes client data seriously and needed my help. It was content to maximize the Mic...
Hi all,I'm looking to set up 2FA for managed device login. Some users won't want to deal with any app installed on their devices and issuing stipend or company phone are out of the question. I've seen some similar questions but not sure if as time go...
My company recently deployed jumpcloud for our endpoints and I was wondering if anyone knew of a way through jumpcloud to give partial admin rights to my users. I do not want my users to reach out to me each time they need the admin password to add/...
Is there a way to configure a specific timeout length for a specific application's authentication session in Jumpcloud?
There is some way to set session Timeout only for certain logins? I.e. user1 need to do an activity all night long, but I don't want to grant an session on entire Jumpcloud env. Att,
It hard now where I am from for you to have maximum security or network I wonder where all that went I can't wait for 2023 best luck to those of us still believing in the future one love
HiJust to share my recent discoveries for Sentinel and Splunk as well as mentioning Datadog - as I find it noticeable in terms of integrations efforts and pricing.Azure Sentinel A publicly available Data Connector can be found on GitHub here. It's ju...
I create a command in jumpcloud can install sentinel one on Windows 10 it does not need admin right for it to work.Now SentinelOne tell me that in Windows 11 this no longer the case I find it hard to believe that. But I figure I reach out to ask this...
Patch Tuesday has become Zero Day Tuesday ... there are six actively exploited vulnerabilities this week alone. It's not always possible to wait for a patch, or a patch may not be sufficient (recall PrintNightmare, Follina, and MSDT). There was a pra...
Hi folks,You need to know about a new Microsoft vulnerability. I just got the notification from MS-ISAC. I'm going to paste an abbreviated version of it for you here. At the end I'll link you to where you can sign up for these advisory notifications ...
