Matt

  🔐 5 Quick CIS Security Wins to Strengthen Your Microsoft 365 Tenant Today   As IT professionals, we all want a secure tenant, but between tickets, deployments, and patching, configuring new settings in Intune, Entra, Defender, etc. security hardening often gets pushed to ‘will do later.’ The problem? ⚠ ️ Attackers will never wait us! I found a couple of settings, some of them so simple, but we miss them because we are always busy. I was digging in Defender and M365 Admin Center: 1.       📅 CIS Benchmark L2 for M365 recommended to disable calendar share with external.   One of the main reasons attackers need to know about your organization before they attack it is that if we allow our users to publicly share their calendars, it can help attackers learn more about the organization and its users. They can then use this information to exploit situations like when employees are out of the office, traveling, etc.  2.     ...

  How many times do you want to get a quick look at vulnerabilities in your tenant without having to go to Entra to activate your PIM, then to Defender, and navigate deep?   This is exactly what I was dealing with this past weekend, especially in the USA, since we had a long weekend because Monday is MLK holiday, which gave me time to dig deeper.   I came across 2 GitHub repos from two amazing friends, MVPs in our community. All credit to our friends:-   1.       Fabian Bader f-bader/MSRC-PatchReview: A PowerShell variant of the amazing patch_review.py by kevthehermit amazing script, to run on your device to get all CVEs. ·          Keep in mind this script targets BaseScore 8.0,  if your company or customer, like my customers, they wants more security, you have to lower the BaseScore to 7.0 or less. You can see that in line ‘75’ from the script. ·          ...

  Ever wondered why some devices in your organization stubbornly refuse to get updates despite being in SCCM or Intune? This represents a common challenge faced by administrators during the implementation of security patches. Administrators endeavor to fulfill their responsibilities and meet the expectations of the security, compliance teams, and management. I was among those 😒 who initiated a hot seat challenge from August to October 2025. Many customers were affected, regardless of their Endpoint Management system, whether SCCM or Intune. Some of their devices repeatedly failed despite ongoing efforts 🙄 . Why should I care? When you work with Endpoints, you're engaging with your compliance and cybersecurity team, who want to make sure there are no security risks. They focus on Security Zero Trust and Conditional Access, so your users can smoothly access your organization's resources without being blocked just because a device isn't marked as compliant.    ...