When to use Microsoft SCCM vs Intune for managing devices

App management with Intune (excellent interactive video walkthrough):

https://docs.microsoft.com/en-us/mem/intune/apps/app-management

Microsoft suggests that Intune is the correct tool for mobile device management, and SCCM is what you use for pushing your ‘gold standard’ images to your workstations, servers etc.

Intune also offers an ‘Autopilot‘ feature for pushing OEM images to new workstations where you don’t need to apply custom ‘gold’ images.

Pkexec could affect many Linux operating systems

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

I’m on a linux VM now and yep, there’s pkexec…

“iconv_open() executes small shared libraries…”

“Unfortunately, CVE-2021-4034 allows us to re-introduce GCONV_PATH into
pkexec’s environment, and to execute our own shared library, as root.”

Shouldn’t be long before we see a lot of demonstrations for this.

Getting Started with Azure/O365 Auditing

Read this:

https://cloudblogs.microsoft.com/industry-blog/en-gb/government/2021/04/14/updated-office-365-security-and-compliance-guidance-for-the-uk-public-sector/

Create your own audit based on MS500 and AZ500 training guide primary topics.

https://www.skylinesacademy.com/resources

Expand on your audit by learning each security feature in depth and adding tips/references to your audit sheet.

Good luck!

Azure Logic Apps can automate so much of your Microsoft Security world..

I’ve spent a lot of time in Azure Logic Apps over the past few months.

Give me a reason and I’ll put together a vlog on getting started with Azure Sentinel and Logic Apps.

In the meantime here are some good references:

https://docs.microsoft.com/en-us/azure/logic-apps/quickstart-create-first-logic-app-workflow

https://docs.microsoft.com/en-us/azure/logic-apps/

Azure Sentinel webinar: Unleash the automation Jedi tricks & build Logic Apps Playbooks like a Boss

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-examples-and-scenarios

Azure Monitor Alert LogicApps
Understanding The Trigger: When a HTTP request is received

Functions Reference Guide

https://docs.microsoft.com/en-us/azure/logic-apps/workflow-definition-language-functions-reference