This video was very enlightening. A great deal of information about your infrastructure can be obtained from a single vulnerable user. The demo used tools that are bundled with Kali Linux. A must see for Windows admins...
Just saw this post from Datadog that allows you to monitor your JumpCloud environment using Datadog. I never got around to setting this up, only did SSO. Does anyone else use this?Monitor Your JumpCloud Directory With Datadog | Datadog (datadoghq.com...
HeyA month ago, the Five Eyes Alliance issued a Joint Cybersecurity Advisory. The advisory highlights the following best practices to protect your systems: Control AccessHarden credentialsEstablish centralized log managementUse antivirus solutionsEmp...
Has anyone had any trouble with SentinelOne detecting the JumpCloud agent as malicious? It's clearly not, it just looks like the software management functionality using Chocolatey is getting flagged by S1. I don't really want to add a folder level ex...
An old colleague just told me:"we actually got audited by our cyber security insurance provider and they enforced us to have MFA on literally everything. Down to the switches. It was huge pain in the a**."Have any of you ever faced challenges related...
https://youattest.com/wp-content/uploads/2022/05/YouAttest-Integration-and-Reviewers-Guide-for-JumpCloud.pdf
There is some way to set session Timeout only for certain logins? I.e. user1 need to do an activity all night long, but I don't want to grant an session on entire Jumpcloud env. Att,
Industry buzzword, or really necessary? Passwordless authentication is something that comes up a lot in the world of Identity and Access Management. We all have difference of opinion in "true" password less authentication. What does it mean to you? ...
Okay, I kid. I know what Patch Tuesday is. What I really wanted to do is talk a bit about what it means, though. Coming from a large enterprise, it has different meaning there than it does for small and medium enterprises. How frequently do you actua...
A thread in an MSP Facebook group discussion that I read this morning surfaced a memory from a few years back. I served as an IT director at a manufacturing company, and it was my job to create a security program. One of the greatest lessons I learne...
Mac Security ComplianceMac admins can begin their compliance journey by following NIST's SP-800-219 secure configuration guidance and using some open source tools that automate deploying controls, using commands through MDM (mobile device management)...
You don't have to attend Black Hat to know that there's a steady flow of vulnerabilities being discovered in Windows. It's the most popular desktop operating system and must support legacy setups to avoid breaking business systems. I've been working ...
Hello,I've been keeping an eye on Jumpcloud's progress and have been wanting to switch our small company over to it from Active Directory for quite some time now. The problem is that our company has multiple users jumping on and off each of our PCs t...
Do you have difficulty having consistent security practices in a cross-OS environment? Is your security strategy different from user to user or from OS to OS? How much of this work is hands-on vs automated?
IT administrators weren't expected to be security pros, until they were. I was in the same position where our network was too "live and let live" to be protected from emerging security threats. My journey began by asking questions and led to professi...
