User Profile

Genjin

Copper Contributor

Joined Feb 07, 2021

7 Posts

View All Badges

User Widgets

Recent Discussions

Feedback on a PowerAutomate Idea
Hey all, I'm wondering what you think of this PowerAutomate idea. I don't have access to the product with a personal account, but would like to know if its a flow that could be set up. Any insight would be great to I can better understand its capabilities and follow the right path. One way I see AI helping the companies infosec is with Power Automate & Defender. When there's a high-sev detection, add a custom group to the user with attached GPOs for verbose auditing. Deploy Sysmon to suspected devices upon notification approval. Extend that with custom SPL & KQL to monitor DNS, outbound, and internal auth/traffic. Include stats for beaconing & tunneling. Last, use Live Response library for custom powershell scripts, get Event Logs -1h, and Collect Investigation Package.
Jul 31, 2023 Place Microsoft Defender for Endpoint
477Views
0likes
1Comment
Re: INVALID_DATA_ACCESS_TRAP BSOD at 75% upgrading Windows 10 to 11, Error Code 0x900101 - 0x40021
I don't know a hundred percent. I was doing a reimage of Win10 21H2 from an iso and it wouldn't let me finish. It dropped me to a local account. I couldn't use Settings to login with an MS account. I'd get credential dialogue boxes and nothing would work. Why? My pfSense was blocking something, probably their telemetry ips and dns. I connected without a hardware firewall and it installed perfectly in 10 minutes. I'm sure it wasn't ports, its probably dns filters from cdns. Just something to troubleshoot. We have to re-imagine what Windows management is because of all the software as a services. xbox/office/win/etc. Its all one.
Nov 02, 2021 Place Windows 11
3.8KViews
0likes
0Comments
Re: M Defender is blocking an old file from Web Cam Trust called "14382-03_02.exe"
Open the 'Settings' app and search Windows Security. Go through the 'Virus & Protection' and 'Protection History.' See you possible options.
Nov 02, 2021 Place Windows security
1.1KViews
0likes
0Comments
Re: Sysinternal tools learning !
I'm really into technical training, so here's a few suggestions. Troubleshooting with the Windows Sysinternals Tools 2nd Edition by Mark Russinovich. YouTube, "PluralSight SysInternals" Also, just watch YouTube on your smart TV and search a random topic and it'll link you around. I've passed certifications this way. Check out the Hot To Geek and WindowsCentral.com (How To section.) Last suggestions is search fo 'Stackskills Unlimited access.' 60 dollars for courses that cover everything.
Nov 02, 2021 Place Sysinternals
1.6KViews
0likes
1Comment
Re: INVALID_DATA_ACCESS_TRAP BSOD at 75% upgrading Windows 10 to 11, Error Code 0x900101 - 0x40021
What is your network setup? Do you have any special firewall walls, filter rules, vpn, dns blocks, pfsense, etc? Is there anything that could interrupt standard residential modem to Microsoft?
Nov 02, 2021 Place Windows 11
3.8KViews
0likes
2Comments
Re: Uninstalling HEVC Video Extensions from Windows 11
Can't say for sure, but check these out: 1. Window 10 Settings app. Search Apps & Features. 2. Chec for an uninstall file in the program directory. c:\program files\.. 3. Open Registry (regedit). Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall 4. Third Party Software Uninstaller?
Oct 17, 2021 Place Windows 11
60KViews
0likes
1Comment
Re: Uninstalling HEVC Video Extensions from Windows 11
What device? PC? Software or Browser?
Oct 17, 2021 Place Windows 11
60KViews
0likes
3Comments

Recent Blog Articles

No content to show