I have this idea for a YouTube channel where @SwiftOnSecurity and I do tech makeovers of infosec ppl's horrible workspaces, security baselines, and monitoring. “Well team, we started by ripping out the Old AV and installing Sysmon…”
@dwizzzleMSFT
@SwiftOnSecurity
Need to have the segment where you talk about "well if we touch this, even a little bit, we have to do a full recertification. Need to go back to the board and check on budget." ;)
@dwizzzleMSFT
@SwiftOnSecurity
What do you mean, no one monitors the EDR telemetry? Installing Defender was slowing down the automated build, so you did waaat?