Susan Bradley

Contributing Writer

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.

The Latest from Susan

Feature

The most important Windows 10 security event log IDs to monitor

Regular reviewing of these Windows event logs alone or in combination might be your best chance to identify malicious activity early.

Feature

Microsoft 365 Apps update changes: What security admins need to know

Microsoft has renamed its Office 365 update channels and added options. You might have to make changes in your configuration and deployment tools.

Feature

Skipped patch from 2012 makes old Microsoft Office systems a favored target

Some organizations have still not implemented an Office patch from 2012. Attackers know this and are exploiting the vulnerability.

How-To

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them.

How-To

How to protect Office 365 from coronavirus-themed threats

Microsoft's new Office 365 security defaults and OAuth 2.0 support will help meet new US government recommendations to thwart COVID-related attacks, Make sure they are properly implemented.

Feature

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk.

How-To

4 tips for protecting users from COVID-19-targeted attacks

Remote users in particular are vulnerable to coronavirus-themed phishing attempts, malicious domains, and repurposed malware. Protect them with these basic steps.

How-To

How to minimize the risks of split tunnel VPNs

Split tunnel virtual private networks have some advantages for supporting remote workers connecting to a Windows network, but they come with risks. Here's how to best protect your network.

How-To

How to check your Windows network for vulnerabilities

If you've made significant changes to your network to support remote workers, it's time to review what you've done to make sure everything is locked down.

How-To

How to lock down Remote Desktop Protocol servers

Make sure you've made all the proper settings to secure remote desktop protocol (RDP) to best protect your Windows network when supporting remote workers.

Feature

8 key security considerations for protecting remote workers

Many security and IT teams suddenly have to support and protect employees who must work remotely due to the COVID-19 crisis. Make sure you cover these areas.

Feature

Microsoft Threat Protection: What security and IT admins need to know

Microsoft Threat Protection can protect Windows systems and Office 365 users on many levels, but licensing requirements can be confusing.

How-To

How to prepare Microsoft Office and Windows for ransomware and email attacks

You've set up your remote workers during this COVID-19 crisis, but have you made the adjustments to be prepared for a cyber disaster like a ransomware attack?

Feature

Securing Windows and Office in a time of COVID-19: update policies, remote options

Delayed updates and a rush to support remote workers have forced IT and security teams to scramble. This information and advice will help them better deal with the crisis.

How-To

How to prevent attackers from using Windows against you

Attackers use standard Microsoft components such as DLLs or PowerShell to avoid detection. These tips will make such "living off the land" attacks harder to execute.

Feature

Do you trust your admins? 5 tips to manage administrator access

The access rights that internal and external network admins possess carry the potential for abuse and errors that can expose systems and data. These practices can help avoid that.

How-To

How to prevent scripting attacks in Microsoft Office

The rise in phishing attempts requires another look at your Microsoft Office settings to minimize the risk of a user executing a malicious script.

How-To

How to set up your network to prevent data loss

Critical data is at risk from both insider and external threats. Here's how to configure your Windows network for data loss prevention (DLP).

How-To

How to fight hidden malware on Windows networks

Attackers are more clever about how they hide malicious files. Countering that starts with knowing what services belong on your network.

How-To

5 steps to avoid credential dumping attacks

Use these five techniques on your Windows network to find and limit risk from vulnerabilities that make your organization vulnerable to credential dumping attacks.

Popular Resources

Analyst Report
Sponsored

Nemertes Research Report, The Transformed Workplace
Video/Webcast
Sponsored

MITRE ATT&CK as a Framework for Cloud Threat Investigation
White Paper

A Buyer’s Guide to Optimizing Remote Employees’ Extended Network
eBook
Sponsored

Building High-Performing Agile Teams and Release Trains
Case Study
Sponsored

Case Study: Global healthcare industry leader

See All