Microsoft-365

Scripts and other resources to help configure Microsoft 365. Latest and greatest scripts are located in the zip files in this directory: - ZeroTrustScripts.zip: Corresponds to the scripts described in my Zero Trust Guide for the SMB, including Conditional Access baselines. - ThreatDefenseScripts.zip: Corresponds to the scripts described in my Threat Defense Guide for the SMB, including Protection alerts, Exchange Online, Microsoft Defender for Office 365, and more. - DataProtectionScripts.zip: Corresponds

Azure AD

Legacy; see ZeroTrustScripts.zip for latest and greatest versions of these scripts including Conditional Access baselines.

Exchange Online

Legacy; see ThreatDefenseScripts.zip for latest and greatest versions of these. The Office 365 Email Security Checklist: For anyone with an Exchange Online subscription for Email hosted in Office 365, start here. Scripts from this guide are located in the Exchange Online folder.

Setup Intune

Legacy; no longer updating this directory. The Intune Setup scripts: The Intune scripts are (mostly) taken and modified from Microsoft: https://github.com/microsoftgraph/powershell-intune-samples/ ; None of the policies will be assigned when you first import the JSON files; simply review, adjust and test the settings out before assigning them. See more details in the "Setup Intune" folder's readme file.

Windows 10

Legacy; no longer updating this directory. These scripts are again taken and modified from Microsoft. They are used to install the Windows 10 Business secure configuration profiles. Optionally, this deployment can include an implementation of Windows Information Protection. A corresponding guide is available for purchase at GumRoad.

Incident Response

These scripts I have found to to be useful during Incident Response.