Almost every day I get a notification from one or multiple sources saying that “Product X” has a new vulnerability which is marked as HIGH SEVERITY and CRITICAL. This is then of course a RCE (Remote Code Execution) which can then bypass authentication for some public facing service. Congrats! someone now has access to your …
What to do with all these damn vulnerabilities? Part 1 Read More »
While there are many blog posts and articles mentioning WHY you should secure your GenAI services or applications that you are building, almost none of the describe the tools and methods to secure them. Therefore, I decided to write my own blog post on what kind of security risks you can have with building Gen …
How do you secure an GenAI application or service? Read More »
I have been reading so many bad blog posts lately regarding Microsoft Copilot and how they work that I decided to write a bit more in-depth the inner workings of the different offerings so that you can get some more sense on how they actually work. While I wrote a somewhat intro here –> How …
How Microsoft’s different Copilot offerings ACTUALLY work Read More »
This is a follow-up of my series on Ransomware (Part One: Analyzing the Anatomy of a Ransomware Attack – msandbu.org) the reason why I released this follow-up is that lately we have seen a large increase in Ransomware attacks. The reason behind this is that because lately there have been many critical vulnerabilities related to …
Part two: Infection and lateral movement of Ransomware attack Read More »
Copilot Pro debuts today, offering a premium subscription at $20 per month. This service includes AI-enhanced functionalities within Office applications such as Word, Excel, and PowerPoint. Additionally, subscribers gain priority access to the newest OpenAI models and the capability to create their personalized Copilot GPT. Similar to what ChatGPT has with ChatGPT Plus. Apart from …
The Owner and User Access Administrator roles let you set up who can do what in your subscription. Basically, if you’re in one of these roles, you can decide who gets to change, see, or delete stuff. Want to hand over these powers to someone else? Just make them an Owner or User Access Administrator. …
Delegate role assignment management with conditions in Microsoft Azure Read More »
A couple of years ago I posted a blog post about SASE and the future way to protect remote workers SASE – The next generation of services we need to protect the mobile workspace? – msandbu.org. Well at lot has happened since then, and I decided to revisit this topic to write an update to …
ZTNA, Secure Service Edge and the future way of remote access Read More »
With the release of ChatGPT it gave the regular end-user access to generative AI at their fingertips, which then started a domino effect on the development of new generative AI services in the market. All cloud providers are doubling down their development and efforts on building Generative AI capabilities. Microsoft focused on Copilot offerings, Google …
Now in 2023, why are many still struggling to have a good set of monitoring capabilities on their services to end-users? at the end of the day, the main focus of IT is providing services to end-users. easily accessible, functional, available, and secure. In this blog post, I try to dig into the big ecosystem …
This year has been a fun year for product marketing now with Generative AI on the loose and everyone working on embedding and building new services using Generative AI. One of those vendors that has embraced this to the full extent is Microsoft with all their “Copilots“. When reading the documentation and marketing slides it …
How do the different Copilot services from Microsoft actually work? Read More »
