![Matt Soseman](/img/default-banner.jpg)
- 223
- 1 171 931
Matt Soseman
United States
Приєднався 21 гру 2017
Matt is Chief Technology Officer at The Partner Masters (www.thepartnermasters.com) where he provides technical empowerment to Microsoft Partners. Previously, Matt spent over a decade at Microsoft in various technical roles across Engineering, Consulting, Marketing and Partner.
Note: The views and expressions on my videos do not represent those of my employer and are strictly my own.
All content provided on this channel is for informational purposes only. The owner of this channel makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this channel.
The owner of this channel will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.
These terms and conditions is subject to change at anytime with or without notice.
Note: The views and expressions on my videos do not represent those of my employer and are strictly my own.
All content provided on this channel is for informational purposes only. The owner of this channel makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this channel.
The owner of this channel will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.
These terms and conditions is subject to change at anytime with or without notice.
Auto Isolate w/ PowerAutomate + Defender for Endpoint
Being able to automatically isolate a device from the network during a cyber incident can be beneficial, but how do you do that? With Microsoft Power Automate + Microsoft Defender for Endpoint!
More Info: learn.microsoft.com/en-us/defender-cloud-apps/flow-integration
More Info: learn.microsoft.com/en-us/defender-cloud-apps/flow-integration
Переглядів: 3 476
Відео
Isolate Devices During an Incident - Morning Cyber Walks w/ Matt
Переглядів 651Рік тому
Isolating a device from the network can be a useful remediation response during a cyber incident. Let's take a look at how to accomplish this with Microsoft Defender for Endpoint. More Information: learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-worldwide#isolate-devices-from-the-network
Authentication Strengths in Azure AD - Morning Cyber Walks w/ Matt
Переглядів 374Рік тому
On my morning walk and wanted to share some thoughts... Sorry about the wind. Using Authentication Strengths in Azure AD Conditional Access can be beneficial to help meet technical and business goals, especially if wanting to require Passwordless. More information: learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-strengths
I have big news to share with you...
Переглядів 620Рік тому
A quick channel update. I left Microsoft and started a company. www.thepartnermasters.com P.S. Sorry about the audio only on the left channel, my fault! :)
Identity Secure Score (60 secs)
Переглядів 1,3 тис.Рік тому
Assessing configuration of your Azure Active Directory tenant is important to understand if you are aligning to Microsoft best practices. I'd like to show you a neat little tool that allows you to do exactly that! More information: docs.microsoft.com/en-us/azure/active-directory/fundamentals/identity-secure-score
How can Passwordless make new hire onboarding even easier...?
Переглядів 2,8 тис.Рік тому
I got a new microphone! .. Using a Temporary Access Pass is a wonderful way to allow a new hire to register a password less method such as a FIDO2 security key and provision a new Windows PC without IT intervention. In today's video I take this a step further by introducing Conditional Access, Device Compliance and Windows Intone into the architecture that makes this an even more seamless and e...
I used passwordless first day on the job
Переглядів 4,2 тис.Рік тому
I used a passwordless to get my work computer setup my first day on the job. In this video I cover the user experience of how to register a FIDO2 Security Key on a personal computer (Mac) and setup a Windows 11 computer using that key without a password. I also show you how to set this up in Azure Active Directory and Microsoft Intune. Stay tuned as I'm planning on releasing a video for Passwor...
Design a Device Compliance Architecture
Переглядів 1,9 тис.Рік тому
A key part of Zero Trust architecture is to ensure the devices connecting to your environment are compliant with IT policy. Join me as we learn how to approach device compliance with Microsoft Endpoint Manager! Link to deck:1drv.ms/p/s!AhzQ4p0K1fqij8ZNQa8hI63ZpVz7QQ?e=NeRtUh Gear: -Sony A6400 4K DLSR -Elgato Key Light -Sigma 30mm 1.4f Lens -Camtasia Editing Software -Elgato 4K Capture Stick -Bl...
How to remote wipe macOS w/ Microsoft Endpoint Manager
Переглядів 2,4 тис.2 роки тому
Do you have macOS devices in your environment and manage them with Microsoft Endpoint Manager? Join me as we look at how to remote erase them in the even they are lost or stolen... Resources: More info on Apple Hardware Security: support.apple.com/guide/security/hardware-security-overview-secf020d1074/1/web/1 Activation Lock on Apple devices: support.apple.com/guide/deployment/activation-lock-d...
Block SaaS Apps w/ Power Automate + Defender for Endpoint + Defender for Cloud Apps!
Переглядів 1,9 тис.2 роки тому
How can you email the SecOps team when a new SaaS app is discovered, AND give them the option to allow or block automatically? Watch to find out...! Here's the JSON schema I show in the video, special thanks to the individuals that helped me with this! { "type": "object", "properties": { "Type": { "type": "string" }, "AppId": { "type": "integer" }, "Name": { "type": "string" }, "Domains": { "ty...
Does Zero Trust even matter?
Переглядів 9832 роки тому
The industry talks a lot about "Zero Trust", and many of us in IT and Cyber view it as a buzzword. Is this important and something that we should pay attention to?
Risky User & Confirm Compromise API in Azure AD
Переглядів 3,2 тис.2 роки тому
Risky User & Confirm Compromise API in Azure AD
Block access using hardware serial numbers (AAD+Intune)
Переглядів 3,2 тис.2 роки тому
Block access using hardware serial numbers (AAD Intune)
Reliving my childhood through Xbox Cloud Gaming
Переглядів 2722 роки тому
Reliving my childhood through Xbox Cloud Gaming
Do this to increase cyber posture and lower risk...
Переглядів 1,1 тис.2 роки тому
Do this to increase cyber posture and lower risk...
This is the easiest chore I have all weekend… (Windows 365 Cloud PC)
Переглядів 1,1 тис.2 роки тому
This is the easiest chore I have all weekend… (Windows 365 Cloud PC)
How to Build a Cyber Security Architecture...
Переглядів 1,8 тис.2 роки тому
How to Build a Cyber Security Architecture...
Azure Defender for IoT Ep 13: Attack Vectors
Переглядів 6423 роки тому
Azure Defender for IoT Ep 13: Attack Vectors
Azure Defender for IoT Ep 12: Risk Assessment
Переглядів 5443 роки тому
Azure Defender for IoT Ep 12: Risk Assessment
Azure Defender for IoT Ep 11: Trends & Statistics
Переглядів 4593 роки тому
Azure Defender for IoT Ep 11: Trends & Statistics
Azure Defender for IoT Ep 10: Data Mining
Переглядів 4813 роки тому
Azure Defender for IoT Ep 10: Data Mining
Azure Defender for IoT Ep 9: Event Timeline
Переглядів 5923 роки тому
Azure Defender for IoT Ep 9: Event Timeline
Azure Defender for IoT Ep 8: Working with Alerts
Переглядів 7803 роки тому
Azure Defender for IoT Ep 8: Working with Alerts
Azure Defender for IoT Ep 7: Device Inventory
Переглядів 8153 роки тому
Azure Defender for IoT Ep 7: Device Inventory
Azure Defender for IoT Ep6: Devices Map
Переглядів 1,1 тис.3 роки тому
Azure Defender for IoT Ep6: Devices Map
Azure Defender for IoT Ep5: Azure Sentinel Integration
Переглядів 1,5 тис.3 роки тому
Azure Defender for IoT Ep5: Azure Sentinel Integration
Solarwinds and SUNBURST attacks compromised my lab!
Переглядів 1,1 тис.3 роки тому
Solarwinds and SUNBURST attacks compromised my lab!
How do I prevent a particular app being blocked by Smartscreen which I am trying to install? Device is being maintained by Intune.
old videos doesn't work anymore
Great video
Amazing content thank you .Going passwordless sounds great but how are we going to authenticate on MSFT native apps in Android and apple devices like outlook or teams onedrive?
Awesome explanation! Thank you!
Open PowerShell Admin ************************************************************************************************ Set-ExecutionPolicy bypass Install-Script -Name Get-WindowsAutopilotInfo -force [Y] Yes Get-WindowsAutopilotInfo -Online ************************************************************************************************* (If you copy this for later use give a like please!)
Does this block work on mobile as well? As in if I have the word doc open in Edge browser on mobile, will it work there too?
Thank you bro
Does it require any log server setup beforehand
hi, great video. Can you make another video explaining how to authenticate an Azure app in Tableau server i.e. the changes that we need to do in Tableau server settings to register an azure app, so that an external application can access the work book, reports from Tableau via this Azure app..that will be great. Thanks :)
Helpfull
Hey Matt love your stuff...this is great to know. All of the sudden my Tenant is inspecting and at times blocking copy and paste into web apps....Any idea what kind of policy that might live in?
, but does not meet the criteria to access this resource
Does MAM model block user for adding organisation user to non-managed application for example non-managed mail app?
THANK YOU! I was looking for this!
hey there, im getting error 65000, on devices that I'm trying to configure these settings: windows 11 ver 22h2
This no longer works as of Aug 2022.
Hello ! Do you have service to read sensitive data file on web browser ?
Hi Matt, thank you for the video. I want to block third-party uploads, but we won't label documents. Can we still deploy this policy?
Does this process still work in 2024? I set this up exactly the same but it still allows the device to enroll and personal and never shows the serial number as Enrolled :(.
Really interesting content, thanks!
Excellent overview. Some of those functions seem like hooks just because they can offer hooks, not because they provide value. UEBA sounds interesting though.
i dont see that option to block storage at all is this for an older version
Hi, very nice explanation, i have a query, by configuring this do we can see email activity log in MCAS, i am no seeing any documentation or information specifically for Gmail user activity logs into MCAS, any help on this that will be useful, thanks
Hey Matt, this was great to see. I got right through it, but now I'm stuck just few screens after this last screen at time 2:30. Once the device is wiped the setup gets to the Remote Management screen where I click Enroll. A sign-in window appears and asks for credentials: Enter your credentials for "COMPANY NAME". But no matter what credential I enter it won't proceed any further. What credentials do I need to enter? if it's a user, the user has no MFA setup on the account and is not a part of any conditional access policies. Does an admin user enter credentials? or is it something else? can't find any info anywhere else on this detail.
With O365 MDM is available. Can we achieve the objective of whitelisting personal devices ?
How can I fully automate this process on power automate or any other tool?
Thanks you so much 🎉
Thanks you so much 🎉
So what is the way to fix it
Anyone have an idea how to do this with a Mac?
should probably update this video to reflect what we're seeing now
this video needs to be updated
Hi Matt how would we do this if we are on Gsuite rather the Microsoft environment? Thank you for your help.
Hey Matt, Really great explanation! Would love to know if we can download this file as it isn't available on the link provide.
but how does it see the tenant? does this require having intune running on a local server and the client device being on the same network?
Hey Matt, is there a way to remove "all apps" I want users to see apps that are appointed to them in a collection.
Hello Matt, is there any integration available where we can send the Activity Explorer data/ DLP incident and alerts info into external SIEM?
How to map user profile photo from azure AD to slack?
Hi Matt. Pleas i have a question. I wuld like to lock some files to a, specific hardware by serialnumber. So only that hardware can open it. Pleas if you have any idea on how to do that HELP PLEAS. Any software that can do that?. I use a Synthisizer that has a, serial number,so i wuld like to lock my sounds and files to my synthisizers serialnumber, so olny my synthisizer recodnize those files. So if you try to putt same foldes to another synthisizer that is same model but different serialnumber it should not open it. Pleas any advice or sokution or software that can make it PLEAS BEGING you
Or turn off connect on demand
How can you edit that small toast message that pops up on the users machine after isolation? Example at 1:20
can you please share the slide if possible
I have been working at MSPs for around 6 years and I'd add what are the ways we can retire legacy systems, and modernize infrastructure quickly to prevent security risks and daily performance issues in a business environment where we have to spread cost over time?
Whilst amazingly cool, I have noticed this is really hit and miss - we have had an issue for over 12 months, that MS themselves cannot even solve, a simple DLP rule (for Exchange online) - applied to one group of users, block sensitive information enabled + allow overrides (with business justitication). It works fine for one user in the group its applied to, but the other users after pressing send and entering justification, just have their messages blocked. Beyond frustrating.
Hi Matt, Nice demo. I have use case where I need to block file download from OneDrive and SharePoint to any external application application not defined in our tenant. is possible to set this ?
What about screenshot?
Will it collect data of other apps on personal device?
Is there a way to allow a removable device once an administrators password has been entered. If the device is removed and re-inserted it would need to be re-entered?
valuable :)