Susan Bradley
Contributing Writer
Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.
How to manage Microsoft's Excel and Office macro blocking
Microsoft's reversal of its blocking by default on Excel macros creates an opportunity to improve policies and processes around Excel and Office macro use.
10 tasks for a mid-year Microsoft network security review
Are your settings, policies and processes keeping up with the changing threat landscape? Review your network to make sure.
How to keep attackers from using PowerShell against you
New guidance shows how to harden PowerShell and make it more difficult for threat actors to hijack for malicious purposes.
How and why threat actors target Microsoft Active Directory
New vulnerabilities in Active Directory emerge regularly, and unpatched old ones and misconfigurations open doors for attackers.
How Microsoft Purview can help with ransomware regulatory compliance
Microsoft's renamed compliance portal provides guidance and rule-setting capability to help comply with ransomware and other security and privacy requirements.
How to mitigate Active Directory attacks that use the KrbRelayUp toolset
Attackers are using the KrbRelayUp toolset to compromise Kerberos in on-premises Active Directory networks. This two-step process should protect you.
Best practices for deploying multi-factor authentication on Microsoft networks
Microsoft will soon mandate MFA for some customers, and these are the key considerations before you deploy it.
How to audit Microsoft Active Directory
Patching alone won't fix all known Active Directory vulnerabilities. Here are the steps to audit your Active Directory domains and shore up weaknesses.
Patching the latest Active Directory vulnerabilities is not enough
Follow these steps after running the November and May Microsoft updates to fully address Active Directory vulnerabilities.
What Microsoft Defender can tell you about your network
Microsoft Defender for Business alerts can show what's happening in your network. The better you understand your network, the faster you can triage alerts.
What your cyber insurance application form can tell you about ransomware readiness
The annual cyber insurance application form shows what the carriers think you should be doing to best prevent and recover from ransomware attacks. Pay attention.
9 most important steps for SMBs to defend against ransomware attacks
Here's how small- to medium-sized businesses can effectively protect their networks against the risk of ransomware without breaking their security budgets.
Protecting on-premises Microsoft servers
Many organizations still have on-premises Microsoft Exchange, SharePoint, or Office servers with inadequate protections.
Spring4Shell: Assessing the risk
Spring4Shell does not affect most systems, so a calm, methodical approach to assessing the real threat is best.
It's time to re-evaluate your 2FA setup on Microsoft networks
Attackers are exploiting some 2FA settings to gain network access. Does your current configuration provide the best protection?
Best advice for responding to today's biggest cyber threats
Scary new threats don't necessarily require big changes to your security infrastructure. These simple actions can be more effective and less disruptive.
4 ways attackers target humans to gain network access
These are some of the favorite ways cybercriminals try to get around an organization's cyber defenses to steal credentials or commit fraud.
Using Windows Defender Application Control to block malicious applications and drivers
WDAC allows security and IT admins to control which applications, drivers and certificates can run on Windows systems.
Preparing Microsoft cloud networks for regional disruptions
The Ukrainian crisis shows has heightened awareness of risks to cloud infrastructure affected by political or natural disasters.