0

How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record

DMARC RecordfCheck

Previously we looked at how to use nslookup to retrieve the main Domain Based Message Reporting And Conformance (DMARC) DNS record. One of the often overlooked and behind the scenes aspect of DMARC is that a 3rd party DMARC provider has to actually grant permission for DMARC reports to be sent to them for a given domain.  Without that permission, email service providers will not be able to send DM… Read the rest “How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record”

0

How to View Copilot for Security Prompt Processing Location And Cross Region Details

Copilot for Security Data Storage Location

Data processing and handling considerations must be reviewed as part of deploying any cloud product.  With Copilot for Security there are two aspects that need to be fully understood.  One is where the tenant’s data is stored.  Secondly is where the AI prompts are processed.  It may be the case that these are different locations.

We can use the Copilot for Security (CfS) portal https://securitycopiRead the rest “How to View Copilot for Security Prompt Processing Location And Cross Region Details”

0

Copilot for Security – Global Admin Required to Enable Microsoft 365 Service Data Access

Enabling Copilot for Security M365 Service Integration

Copilot for Security has multiple integration points which can be accessed via either:

Standalone experience
Copilot for Security, accessed through https://securitycopilot.microsoft.com, is considered the standalone experience.

Embedded experience
Accessing Copilot for Security embedded experiences in other Microsoft security products is considered an embedded experience.

For the current list of embedded… Read the rest “Copilot for Security – Global Admin Required to Enable Microsoft 365 Service Data Access”

0

MTA-STS–Comments On Deploying Azure Static Web App

Hosting MTA-STS File on Azure Static Web App

Many customers have completed or are completing the rollout of SPF, DKIM and DMARC to improve email security.  Once DMARC has been moved to 100% quarantine that means that all of the issues have been identified and resolved.  So what’s next?

Typically this is where MTA-STS comes in. Mail Transfer Agent - Strict Transport Security (MTA-STS) is intended to provide additional security to email transpo… Read the rest “MTA-STS–Comments On Deploying Azure Static Web App”

0

Copilot for Security Workshop Links

Copilot for Security Architecture Diagram

When delivering Copilot for Security engagements to customers, we frequently want to reference external articles, content and news.  There is also the occasional squirrel moment due to how my brain operates.

This post is a collection of the various artifacts that we typically discuss.  They are all collected into one spot so that it is easier to send out as a curated resource after the engagement h… Read the rest “Copilot for Security Workshop Links”

0

Unable to Setup Copilot for Security – Can’t get account information

Unable to Setup Copilot for Security - Can't get account information

Starting a setup of Copilot for Security in a demo tenant led to an interesting issue where the expected bootstrap process was not launched.  As an eligible administrator, when you navigate to https://securitycopilot.microsoft.com  you will either access the previously deployed Copilot for Security (CfS) instance or be prompted to create it.  This assumes that you are logged on as either a Global Ad… Read the rest “Unable to Setup Copilot for Security – Can’t get account information”

0

Copilot for Security Setup – Using Azure Portal

Copilt for Security Setup Initiated from Azure Portal

In a previous post the recommended Copilot for Security setup process was covered.  While that is the generally the recommended method, there will be scenarios where the second option will be required.  This could be applicable at intial setup and also post-deployment.  For example, if the Security Compute Units (SCU) were to be recreated in a different Azure subscription, they can be pre-created … Read the rest “Copilot for Security Setup – Using Azure Portal”

0

Copilot for Security Setup–Recommend Option Using Standalone Experience

Copilot for Security Setup Experience

Copilot for Security became Generally Available on the 1st of April 2024 and now everyone is able to spin up an instance of the AI that is designed from the ground up to be used for security tasks!

There are two ways that an administrator can provision and setup Copilot for Security ( CfS ):

  1. The setup process can be initiated from the CfS admin portal and all setting specified if the admin has the r
Read the rest “Copilot for Security Setup–Recommend Option Using Standalone Experience”
0

April 2024 Exchange Server Hotfix Updates – HU

Exchange April 2024 Hotfix Update

Want some updates to go with your updates?  That’s pretty much what you are getting with the April 2024 Exchange updates.  We can split the features which are part of the April 2024 release into two main areas:

  1. Fixing the multiple things that broke with the March 2023 Security Update (SU)
  2. Adding net new features

The April 2024 HU is available for the following builds of Exchange Server:

  • Exchange Serve
Read the rest “April 2024 Exchange Server Hotfix Updates – HU”
0

Exchange Healthcheck Script– Unable to Connect to Server

Exchange Healthcheck Script - Unable to Connect

Below is a repro of a customer situation where the Exchange Healthcheck script was unable to connect to a remote Exchange server.  The Healthcheck script would run locally with no issues, and reported a clean bill of health.

Note that the expected output log was not present after running the script.

In the command below, we are trying to remotely assess sever Exch-2019-1

Exchange Healthcheck Script - Unable to Connect to Server

Troubleshooting Thoughts

It wa… Read the rest “Exchange Healthcheck Script– Unable to Connect to Server”