Security

Forum Posts

JumpCloud logs to SentinelOne XDR

We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using it. We can send pretty much any type of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR? ...

SlimJim by Novitiate I
  • 59 Views
  • 0 replies
  • 0 kudos

Are Integrated MDM/EMM and IAM Vendors Really Zero Trust?

Zero trust as a strategy is essentially to trust nothing, verify everything. A colleague and I had an interesting chat the other day where we examined how that concept applies to the intersection of device management and identity. I created a decisio...

JCDavid by Rising Star III
  • 174 Views
  • 0 replies
  • 1 kudos

Wazuh SIEM x JumpCloud

Hi Community, Since JumpCloud does not notify on Directory Insights logs, Directory Insights can be integrated with any third-party SIEM tool as we already know. Wazuh is a free and open-source security platform that unifies XDR and SIEM protection fo...

Commands for Critical Outlook/Exchange Privilege Escalation

It's been a minute since I posted about using JumpCloud Commands for security remediations. There's a particularly nasty zero day that's been actively exploited now that involves attackers obtaining an NTLM hash (Windows password) through Microsoft 3...

JCDavid by Rising Star III
  • 248 Views
  • 0 replies
  • 0 kudos

Extra fun security news 9 Mar 2023 edition

We didn't do news on the IT hour, but partway through, these two nuggets of joy from bleepingcomputer popped up on my phone: IceFire ransomware now encrypts both Windows and Linux: https://www.bleepingcomputer.com/news/security/icefire-ransomware-now-e...

rlyons by Rising Star III
  • 214 Views
  • 1 replies
  • 1 kudos

Directory Insight SIEM Integrations

Hey Folks, As many of you might be wondering (or already asked) about integrating SIEM solutions with JumpCloud logs - Directory Insights to be more specific, in order to centralise security event monitoring and management, @JuergenKlaassen had a w...

shawnsong by Rising Star I
  • 455 Views
  • 0 replies
  • 4 kudos

Crowdstrike Custom SAML app not (fully) working

Hi everyone, I've been trying to implement Crowdstrike's SSO following the documentation that can be found in Crowdstrike's portal, and it somewhat-works. Here's what I mean: After following the steps, when clicking on the app, I get re-directed to Cr...

U.S. National Cybersecurity Strategy

This news cycle has a big drop: the Biden admin's national cybersecurity strategy. A friend worked on it and had this to say: "The strategy establishes an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve...

JCDavid by Rising Star III
  • 176 Views
  • 0 replies
  • 1 kudos

Diet Cola Compliance is Here

IT professionals oftentimes talk over the requirements of small and medium-sized enterprises (SMEs) with a lot of jargon. Compliance (and laws punishing data breaches) are becoming increasingly widespread, so it's understandable that it's the topic d...

JCDavid by Rising Star III
  • 178 Views
  • 0 replies
  • 1 kudos

TOTP for Admin Account Stopped Working

Last week I went to log in as an Administrator account, only to find that my TOTP code was no longer working from my iOS Authenticator app. JumpCloud said the code was not valid. After a few login attempts, my admin account is now locked. Resetting th...

Encrypt additional drives on Ubuntu Desktop

Hi Folks, Pretty sure you came across this KB for enabling the full disk encryption on the root drive when installing Ubuntu, and utilising JC's Linux FDE policy to monitor the status. But how about the additional drives on the box? These are not sh...

shawnsong by Rising Star I
  • 160 Views
  • 0 replies
  • 2 kudos

Some Fun with Azure AD and Intune

Friday was supposed to be an easy day off where I spent some time to help a friend set up the Microsoft Azure features that he was paying for (but not using). His firm takes client data seriously and needed my help. It was content to maximize the Mic...

JCDavid by Rising Star III
  • 352 Views
  • 0 replies
  • 1 kudos

Resolved! Giving Partial Admin Rights To Users

My company recently deployed JumpCloud for our endpoints and I was wondering if anyone knew of a way through JumpCloud to give partial admin rights to my users. I do not want my users to reach out to me each time they need the admin password to add/...

blee145 by Novitiate I
  • 526 Views
  • 3 replies
  • 0 kudos

Session Timeout

Is there some way to set a session timeout only for certain logins? I.e. user1 needs to do an activity all night long, but I don't want to grant a session on the entire JumpCloud env. Att,

My country

It's hard now where I am from for you to have maximum security or network. I wonder where all that went. I can't wait for 2023. Best of luck to those of us still believing in the future. One love.

Q27merry by Novitiate I
  • 203 Views
  • 0 replies
  • 0 kudos

SentinelOne and Windows 11

I created a command in JumpCloud that can install SentinelOne on Windows 10; it does not need admin rights for it to work. Now SentinelOne tells me that in Windows 11 this is no longer the case. I find it hard to believe that. But I figured I'd reach out to ask this...

Franco by Novitiate II
  • 319 Views
  • 0 replies
  • 0 kudos

Windows Zero Days: Consider Mitigations Through Commands

Patch Tuesday has become Zero Day Tuesday ... there are six actively exploited vulnerabilities this week alone. It's not always possible to wait for a patch, or a patch may not be sufficient (recall PrintNightmare, Follina, and MSDT). There was a pra...

JCDavid by Rising Star III
  • 299 Views
  • 0 replies
  • 1 kudos