Blog
Articles & Thoughts
Writing about building software, scaling systems, and the startup journey.
How to Set Up Windows Firewall: PowerShell Hardening Guide
Windows Firewall ships with every edition of the operating system — Pro, Enterprise, Education — enabled by default, at no additional cost [1]. It blocks unsolicited inbound traffic from the moment you boot up. And yet, breaches keep happening.
Understanding and Configuring DKIM, DMARC, and SPF for Exchange Online
Over 90% of cyberattacks begin with a phishing email. In 2023 alone, Business Email Compromise (BEC) losses exceeded $2.9 billion according to the FBI IC3 report — with spoofed sender addresses serving as the primary attack vector. This threat is not theoretical. It is constant, escalating, and targeting every organization with an email domain.
How to Set Up Automated Alerts and Notifications Across Office 365 Apps
Managing a Microsoft 365 environment without proactive alerting is like running a building without smoke detectors — everything seems fine until it isn't. Microsoft 365 ships with dozens of default alert policies covering malware detection, phishing campaigns, privilege escalation, and unusual file activity, yet many organizations never customize them beyond the out-of-box defaults. The result: a dangerous gap between what the platform can tell you and what it actually does.
How to Enable and Configure Microsoft Defender for Office 365 Safe Attachments
Email remains one of the most common vectors for delivering malware — and traditional signature-based scanning simply cannot catch every threat. Safe Attachments in Microsoft Defender for Office 365 closes this gap by detonating email attachments in a virtual sandbox environment before they ever reach a recipient's inbox. Going well beyond the built-in anti-malware scanning provided by Exchange Online Protection (EOP), Safe Attachments adds a critical layer of defence against zero-day threats and unknown malware.
Blocking Auto-Forwarding Rules in Exchange Online to Prevent Data Exfiltration
When a threat actor compromises a Microsoft 365 account, one of their first moves is deceptively simple: set up an email forwarding rule. It's quiet, persistent, and devastatingly effective. Even after a password reset, a hidden forwarding rule keeps silently siphoning sensitive emails to an attacker-controlled address. CISA advisory AA21-008A explicitly calls out malicious email forwarding rules as a key indicator of compromise and a primary exfiltration technique targeting organizations running Microsoft cloud environments.
How to Set Up Audit Logging and Mailbox Auditing in Exchange 365
If you can't see who accessed what, when, and from where, incident response becomes guesswork. Audit logging eliminates that blind spot — giving your organization the visibility it needs to detect unauthorized access, investigate security breaches, and satisfy regulatory compliance requirements across Microsoft 365.
Troubleshooting Classic Outlook Freezes and Slow Load Times in VDI Environments
Classic Outlook is among the most resource-hungry applications in any user's daily workflow—and virtual desktop infrastructure has a way of exposing every weakness. VDI desktops share CPU, RAM, and disk I/O across dozens or even hundreds of concurrent sessions on a single host. Outlook's memory footprint and background sync operations don't just consume resources; they compete for them against every other session on the server.
How to Configure Anti-Phishing Policies in Exchange Online Protection
Phishing isn't slowing down—it's evolving. Attackers spoof trusted domains, impersonate executives, and craft lures convincing enough to fool even cautious users, all in pursuit of credentials and sensitive data. Exchange Online Protection (EOP) stands as your first line of defense, delivering baseline anti-phishing capabilities to every Microsoft 365 organization with cloud mailboxes.
VPNs Explained: What They Protect and What They Don't
VPNs are one of the most recommended security tools in existence — and one of the most misunderstood. Ask most people what a VPN does, and you'll hear some version of "it makes you safe online." That's not wrong, exactly. It's just dangerously incomplete.
Network Segmentation for Small Networks Using Windows Firewall
Walk into most small businesses running 10 to 50 devices and you'll find the same architecture: one subnet, one broadcast domain, every device talking freely to every other device. The workstation in accounting can reach the security cameras. The guest laptop on WiFi can ping the point-of-sale terminal. A single compromised machine gives an attacker line-of-sight to everything on the network.