2 Shades of Blue: Mailflow under a microscope & Whitelisting behaviours

Our virtual June meetup is just around the corner. This time, we will focus on some blue teaming concepts taught by our very own Daniela and Microsoft MVP, Dave. We look forward to seeing you all.

Please note that this event is open to everyone.

AGENDA:

18:00 - Call-in
18:15 - Mailflow under the microscope by Dave M. Stork
19:20 - Break
19:30 - Whitelisting behaviors by Daniela
20:00 - WICCA & Chill
21:00 - End

PRESENTATIONS:

1. Mailflow under the microscope by Dave M. Stork

In this session, Microsoft MVP Dave Stork will cover key techniques and strategies that protect your organization's inbound and outbound mail flow.

Topics that will be covered:

• Implementing SPF, DKIM and DMARC to prevent spoofing.
• Dealing with mail subdomains, forwarding and mail from other SaaS services.
• Going through mail headers to check mails for authenticity yourself and to extract other useful information.

This session will also discuss the drawbacks and challenges that one is guaranteed to encounter, sharing the speaker's experiences. Case studies will focus primarily on Microsoft Exchange Online/Microsoft 365.

The goal is to quickly take your mailflow infrastructure to a higher and more secure level and is ideal for getting a clear overview of the most important things to protect your IT environment and your brand.

2. Whitelisting behaviors by Daniela

Creating positive TTPs, or full accepted behaviors would leave less place for the unexpected.

Imagine a space mission where every potential action is planned and the reaction is thought over, tested and practiced to perfection.

We whitelist network traffic, applications installs - so why not full functionalities? We are probably far from a world ready to accept this. But between limiting the users behaviour to a level which causes annoyance and creating a more secure experience it would be interresting to find the balance point.

SPEAKERS:

1. Dave M. Stork (@dmstork)

Since starting in IT about 20 years ago, Dave has seen many facets of IT. He has worked on servicedesks and eventually as an IT consultant and cloud architect. As a technical expertise he has focused on Microsoft Exchange Server and mail, more recently he has turned his attention towards (hybrid) Microsoft 365 implementations. He is also a trainer, blogger, speaker, author, and technical reviewer of several books.

Since 2014 Dave has received the Microsoft MVP award in Office Apps and Services.

More about Dave: https://mvp.microsoft.com/en-us/PublicProfile/5000976

2. Daniela (@_ChezDaniela)

Daniela would rather tech talk than playing politics, but still able to appreciate a good argumentation. If possible she would automate 99% of her work for two reasons: it would give her time to think about new things, and, the automation itself is a very OCD-rewarding type of work.
She has worked in security for many years and probably rolled into this due to the patience to have things under control and monitored at all times. She is a strong believer in the blue side of things and loves all types of logs without discrimination. She is currently working at OneZeroIT (tech contracting firm) and is part of and a fun and brilliant group of people.

Ps. Zoom link will appear closer to the date.