Firewall policy as code with Hashicorp Terraform

Alex Mags

Azure badger “in the style of a pixar movie poster, draw a friendly badger configuring a firewall with code” - bing chat

Hashicorp Terraform is a tool for managing infrastructure as code. You describe the desired state in versioned text files and the Terraform tool will drag your infrastructure into that state. Sometimes it feels like creating the code takes longer than just using the admin GUI to get something done. Sometimes it’s MUCH faster… This post describes adding 300 address ranges to a network security rule in just one line. How to create a terraform list from a text file.

How to Disable NetBIOS and LLMNR

Alex Mags

NetBIOS Meme

Hey defenders! Hackers and pentesters hate it when you disable the old NetBIOS network service. They love to respond to NetBIOS requests from PCs on your company LAN so they can impersonate your servers and steal some credentials. Here’s how to disable the old NetBIOS service so as not to give hackers and pentesters an easy ride.

Checking SaaS security configuration (SSPM)

Alex Mags

Was your SaaS software configured securely when it was deployed? Is it still configured securely now?
This article discusses the risk to your data of misconfigured/unhardened SaaS software and the emerging products to automate security checking of SaaS.

M365 Feature deployment order

Alex Mags

M365 landscape by By Aaron Dinnage “M365 landscape by By Aaron Dinnage”)

From the excellent feature licensing chart by Aaron Dinnage, you can see the Microsoft 365 suite has so many productivity and security components. It’s difficult to know where to start. I’d like to suggest a roadmap for implementing M365 features and getting value out of M365 licensing. The roadmap would be based on dependencies (you need X before you can deploy Y) and it should be prioritised on business value. I also wanted to experiment with the MermaidJS library for creating dependency diagrams.

Exchange Online Migration gotchas

Alex Mags

e-mail to the cloud!

Exchange Online migration is a complicated project in a large organisation. So complicated that some organisations haven’t completed this yet. There’s many technical integrations and operational processes with this service. Here’s a post about technical and operational problems that can occur when migrating email to Exchange Online. What has tripped you up in an Exchange migration? Let me know what I’ve missed!

Career break

Alex Mags

Travel I fancied a break and change of workplace. So my wife and I both resigned from our jobs and we’re taking the summer off. 😎