Susan Bradley
Contributing Writer
Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.
Best Mitre D3FEND advice to harden Windows networks
Mitre's recently released D3FEND matrix offers sound guidance for any security admin or CISO looking to harden a Windows network against attack.
Windows 11 hardware requirements will drive security update decisions
Windows 11 is Microsoft's most security-oriented OS ever, but will your network-connected computers support it? Here's how to tell.
Windows 11's best security features
Windows 11 uses some of the best security features of Windows 10. The big difference is that many are now required.
How to check for Active Directory Certificate Services misconfigurations
Recently discovered Microsoft Windows AD CS configuration errors could give attackers account and domain control. Here's how to audit AD CS for vulnerable configurations.
How to test the impact of new Windows DCOM Server authentication
Microsoft has hardened authentication for its DCOM Server in response to a vulnerability. Check for the impact on your network now before the change becomes permanent.
4 tips to prevent easy attacker access to Windows networks
The Colonial Pipeline attackers likely got in using old, compromised VPN credentials. This advice will force attackers to work much harder.
4 steps to prevent spear phishing
Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.
Updated
Best new Windows 10 security features: Improvements to Intune, Windows Defender Application Guard
Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 21H1 feature release.
6 minimum security practices to implement before working on best practices
Every Windows network admin can improve their security posture by focusing on these six basic areas.
17 cyber insurance application questions you'll need to answer
Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.
How to prepare for the demise of Windows NT LAN Manager
NTLM is a less secure protocol for authenticating Windows network access. Follow these steps to begin migration off it or to limit its use.
What cloud providers can and can't do to protect your data
Moving data to the cloud requires a sense of shared responsibility for security. Here's how cloud providers protect your data and what you still must do yourself.
Minimizing damage from a data breach: A checklist
How you respond to a data breach and the amount of damage it causes depends on how well prepared you are. Have you done everything on this list?
How malicious Office files and abused Windows privileges enable ransomware
Ransomware groups most often gain entry to Windows networks through malicious Office documents and then move laterally by abusing Windows privileges. Here's how to defend against both.
3 ways to prevent firmware attacks without replacing systems
Use these Microsoft Windows and Office features to mitigate the risk from firmware attacks. They are faster and cheaper than replacing computers.
Most common cyberattack techniques on Windows networks for 2020
Recent research breaks down the preferred techniques attackers use to gain access to Windows networks. Use this information to monitor your logs for these methods.
Tips to improve domain password security in Active Directory
Follow this advice to better secure domain passwords in a Microsoft environment.
How to reset Kerberos account passwords in an Active Directory environment
A regular reset of the KRBTGT account password will help prevent golden ticket attacks that allow wide unauthorized access to your network.