Netwrix Blog | Insights for Cybersecurity and IT Pros

This post first appeared on blog.netwrix.com and was written by Jeremy Moskowitz.
Most IT and security teams think they already have endpoint policy management in place.They’re using Microsoft Intune. Maybe Defender. Maybe a mix of Mobile Device Management, AV, and EDR. But here’s the catch: delivering policies isn’t the same as enforcing them. Without visibility into policy drift, without enforcement at the point of risk, and without … Continued

This post first appeared on blog.netwrix.com and was written by Joe Dibley.
Introduction to Service Principal Names (SPNs) What is an SPN? Even a Windows Admin with some experience with Active Directory may be unaware of the role that Service Principal Names have in domain environments. A security principal name (SPN) is a unique identifier that links a specific service instance to the account running it, enabling … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
What Is CMMC? The Cybersecurity Maturity Model Certification (CMMC) is a framework designed by the US Department of Defense (DoD) to enhance the cybersecurity posture of companies within the Defense Industrial Base (DIB). It establishes security requirements that contractors must meet to protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) from cyber threats. … Continued

This post first appeared on blog.netwrix.com and was written by Adam Turner.
In today’s competitive IT landscape, certifications serve as valuable credentials that validate technical expertise and enhance career prospects. Whether you’re entering the field or looking to advance, earning the right certification can set you apart from the competition and open doors to better jobs and opportunities. Among the most sought-after IT certifications are CompTIA Security+ … Continued

This post first appeared on blog.netwrix.com and was written by Grady Summers.
Securing a hybrid environment is complex, but uncovering possible security risks within your environment doesn’t have to be. In fact, you can do it asking simple questions without the need to log into a dashboard or dig through manual reports. It only takes you and a single AI prompt.  This isn’t some distant future scenario … Continued

This post first appeared on blog.netwrix.com and was written by Joe Dibley.
Active Directory persistence through userAccountControl manipulation I’ve been doing some research on group Managed Service Accounts (gMSAs) recently, and reading the MS-SAMR protocol specification for some information. I happened to stumbled across some interesting information in the userAccountControl section which made us drop what we were doing to test it: Effectively, when the UF_SERVER_TRUST_ACCOUNT bit … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
PowerShell Replace String    Being able to find and replace specific text within strings is useful for many tasks, including data processing, automation and file management. For instance, replacing outdated information with current data is important for data standardization. PowerShell offers two primary methods for string replacement: Handpicked related content: [Free eBook] Windows PowerShell Scripting Tutorial … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
Introduction: The Rise of AI Assistants in the Workplace Bob Dylan’s classic song The Times They Are a-Changin’ feels more relevant than ever as AI continues to transform our daily lives. Today, countless computer users rely on AI assistants to boost productivity and streamline their workflows. In many ways, these tools act as copilots, offering support and … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Introduction to Exchange Online PowerShell Exchange Online PowerShell is a command-line management interface for administering and automating tasks in Exchange Online, which is a part of Microsoft 365. It allows administrators to manage user mailboxes, configure organizational settings, and perform bulk operations efficiently through scripting. Here are some benefits of using PowerShell for Exchange Online … Continued

This post first appeared on blog.netwrix.com and was written by Farrah Gamboa.
An Introduction to Microsoft Copilot for Security In the constantly evolving world of cybersecurity, defense teams need all the resources they can get to keep up. Fortunately, the massive advances in generative AI present SOC teams with a powerful set of tools to optimize security practices and match even fully automated adversaries using natural language … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Introduction to PowerShell 7 PowerShell 7 is a modern, cross-platform (Windows, macOS, and Linux) automation and configuration management tool that builds on the features of Windows PowerShell. It is based on the .NET Core runtime, unlike previous versions of PowerShell that relied on the Windows-only .NET Framework. This shift has allowed for significant improvements in … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Grep (Global Regular Expression print) command is a powerful text searching utility in Unix/Linux systems. Grep takes a pattern such as a regular expression or string and searches one or more input files for the lines that contain the expected pattern. Grep command can be significantly used for text searching and filtering, log analysis, code … Continued

This post first appeared on blog.netwrix.com and was written by Joe Dibley.
Introduction to NTLM and Kerberos Connecting all your company resources in a network for sharing is valuable, but you need a way to verify that only authorized users and devices can access these resources. Authentication serves this purpose by providing methods for users and devices to prove their identity. In Windows environments, two main authentication … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Introduction to PowerShell Execution Policies In PowerShell, execution policies are a safety feature designed to control the conditions under which PowerShell scripts run on a system. These policies are not exactly a security mechanism but are intended to serve the following purpose: Execution policies play an important role in enhancing script security. They act as … Continued

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
Microsoft 365 Copilot is an AI-powered productivity assistant designed to integrate with the Microsoft 365 suite. It enhances user productivity and collaboration across multiple applications by providing intelligent suggestions, automating tasks, and delivering real-time insights for users. Copilot help users in drafting emails, creating presentations in PowerPoint or summarizing meetings in Teams. It helps save … Continued

This post first appeared on blog.netwrix.com and was written by Adam Laub.
Introduction to Copilot So what is Copilot. Well, figuratively, it is like having your own cognitive copilot to help you when performing digital tasks such as drafting emails, summarizing documents and analyzing data. Technically, it is a generative AI chatbot developed by Microsoft that is built on the GPT-4 series of large language models. It … Continued

This post first appeared on blog.netwrix.com and was written by Istvan Molnar.
The latest iteration of the Cybersecurity Maturity Model Certification (CMMC) just came into force, and there is much to discuss about how security professionals can get up to speed on meeting its requirements. Who is this blog for? Are you working for an organization that acts as a prime or subcontractor for the Department of … Continued

This post first appeared on blog.netwrix.com and was written by Adam Turner.
Certifications validate a professional’s knowledge and skills. As a result, they enhance career prospects by establishing credibility that individuals are equipped to handle evolving cyber threats. Earning the following certifications can significantly boost a professional’s ability to contribute to an organization’s cybersecurity posture: This article provides a deep dive into each of these certifications and … Continued

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Introduction to Error Handling in PowerShell Many PowerShell scripts are designed to run unattended, so it is vital to ensure that they can handle errors smoothly. Proper error handling helps prevent a wide variety of issues, from incomplete operations and system downtime to data loss. Error handling needs to account for both terminating errors, which … Continued

This post first appeared on blog.netwrix.com and was written by James Anderson.
Organizations today collect and generate enormous volumes of sensitive data. Much of it is stored in SQL Server databases, making SQL Server security management crucial for protecting critical applications and services. Implementing strong Microsoft SQL Server security measures helps organizations defend against cyber threats and comply with regulations like GDPR, HIPAA, and PCI DSS. This … Continued