Susan Bradley

Contributing Writer

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL Slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Windows Secrets, is a moderator on the PatchManagement.org listserve and SBS2k, and was one of the authors of Windows Server 2008 Security Resource Kit. In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, an Exchange Server, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at www.sbsdiva.com and is on Twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.

How to optimize Windows Firewall security

If you're ignoring or have disabled Windows Firewall, you might be missing out on some good, basic protections that are easy to set up and maintain.

The most important Windows 10 security event log IDs to monitor

Regular reviewing of these Windows event logs alone or in combination might be your best chance to identify malicious activity early.

Microsoft 365 Apps update changes: What security admins need to know

Microsoft has renamed its Office 365 update channels and added options. You might have to make changes in your configuration and deployment tools.

Skipped patch from 2012 makes old Microsoft Office systems a favored target

Some organizations have still not implemented an Office patch from 2012. Attackers know this and are exploiting the vulnerability.

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them.

How to protect Office 365 from coronavirus-themed threats

Microsoft's new Office 365 security defaults and OAuth 2.0 support will help meet new US government recommendations to thwart COVID-related attacks. Make sure they are properly implemented.

Best new Windows 10 security features: Passwordless authentication, Chromium-based Edge support

Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 2004 feature release.

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk.

4 tips for protecting users from COVID-19-targeted attacks

Remote users in particular are vulnerable to coronavirus-themed phishing attempts, malicious domains, and repurposed malware. Protect them with these basic steps.

How to minimize the risks of split tunnel VPNs

Split tunnel virtual private networks have some advantages for supporting remote workers connecting to a Windows network, but they come with risks. Here's how to best protect your network.

How to check your Windows network for vulnerabilities

If you've made significant changes to your network to support remote workers, it's time to review what you've done to make sure everything is locked down.

How to lock down Remote Desktop Protocol servers

Make sure you've made all the proper settings to secure remote desktop protocol (RDP) to best protect your Windows network when supporting remote workers.

8 key security considerations for protecting remote workers

Many security and IT teams suddenly have to support and protect employees who must work remotely due to the COVID-19 crisis. Make sure you cover these areas.

Microsoft Threat Protection: What security and IT admins need to know

Microsoft Threat Protection can protect Windows systems and Office 365 users on many levels, but licensing requirements can be confusing.

How to prepare Microsoft Office and Windows for ransomware and email attacks

You've set up your remote workers during this COVID-19 crisis, but have you made the adjustments to be prepared for a cyber disaster like a ransomware attack?

Securing Windows and Office in a time of COVID-19: update policies, remote options

Delayed updates and a rush to support remote workers have forced IT and security teams to scramble. This information and advice will help them better deal with the crisis.

How to prevent attackers from using Windows against you

Attackers use standard Microsoft components such as DLLs or PowerShell to avoid detection. These tips will make such "living off the land" attacks harder to execute.

Do you trust your admins? 5 tips to manage administrator access

The access rights that internal and external network admins possess carry the potential for abuse and errors that can expose systems and data. These practices can help avoid that.

How to prevent scripting attacks in Microsoft Office

The rise in phishing attempts requires another look at your Microsoft Office settings to minimize the risk of a user executing a malicious script.

How to set up your network to prevent data loss

Critical data is at risk from both insider and external threats. Here's how to configure your Windows network for data loss prevention (DLP).
