Created a reporting script to show user & group access to folders & shares. Had developed plans to enable the script to automatically run and automatically send the results in an email, when triggered by receiving an email from the reporting team.
Author: Steve Burns
Entra Connect Sev2
Resolved a Sev2 data sync issue for Entra Connect in less than a day. The problem was caused by the security team having excessive permissions to the production Entra / Intune environment and they then consequently enabled policies that killed multiple Entra connected services due to improper permission scoping.
AWS Sev1 Data Leak Resolution – Full Story
The NOC team escalated the ticket to me as a Severity 1 incident: our vulnerability scanning tool, Tenable Nessus, had discovered that an AWS FTP account may have been configured to have an inappropriate level of access, potentially exposing data that should have been restricted. A Sev1 meant potential data breach, immediate business impact, and…
15 min Sev1 Resolution
The NOC team reported a Sev1 data leak from a vendor. I recognized the impact and jumped on the task, despite having ZERO experience managing that aspect of AWS file access and permissions. I was able to lock down the inappropriate access in less than 15 minutes. READ THE FULL STORY HERE
Intune Revival – Full Story
The Microsoft Intune initiative had been dead in the water for nearly four years. The Help Desk Manager and Director wanted modern device management – the ability to automatically configure new computers, push out software updates, enforce security policies, and manage devices remotely without relying on on-premises infrastructure. Intune and Autopilot were supposed to deliver…
Intune Environment Prep
Created policies and Intune apps to enable the automatic distribution of key software such as the security suite, Teams, Chrome, etc. FIND THE WHOLE STORY HERE
Autopilot Prep
Initiated Autopilot prep by creating an enrollment script and setting up the Autopilot profile.
Intune Enrollment Prep
Initiated company domain prep for Intune enrollment, a stalled goal for 3-4 years. FIND THE WHOLE STORY HERE
CrowdStrike Outage
Led the incident response team starting at 1:30 AM EST, reducing downtime to 1.5 hours. READ THE FULL STORY HERE
Automation Scripts
Built scripts to automate SOX compliance reporting (primarily concerning Active Directory group membership), reducing report creation time by nearly 97% (from 20 minutes to 30 seconds).