The Claude / Terraform incident wasn’t AI going rogue—it was automation executing perfectly without governance. This post breaks down why agentic AI is a Zero Trust problem, not an intelligence one, and how Microsoft Agent 365 signals a shift toward scoped, observable, and approval‑gated agents designed to limit blast radius before damage happens. [Read More]
There are some security lessons that arrive as a whitepaper, and then there are the ones that arrive like a brick through the server room window. This post explores why Intune Multi-Admin Approval is no longer just a nice governance feature, but a critical security control for preventing destructive remote actions like wipe, retire, and delete from being abused at scale. [Read More]
Part 2 of the Secure Boot 2023 CA Update series dives into the actual rollout: how Windows applies the new KEK/DB certificates, why automatic updates aren’t guaranteed, and how Intune admins can safely trigger and manage the update workflow using registry‑based signals and proactive remediations. [Read More]
Before you roll out the Secure Boot 2023 certificates, map your fleet. This guide shows how to inventory posture with Intune—reports, proactive remediations, JSON outputs, and OEM gotchas. [Read More]
Behind the first OOBE screen, Windows launches a dense chain of provisioning tasks that never surface in the UI. As soon as the device comes online, CloudExperienceHost and the provisioning engine begin executing ZDP update checks, initializing and validating the TPM (EK, SRK, AIK), and activating hardware attestation. In parallel, Autopilot performs token‑based device discovery, retrieves its deployment profile, and drives the consumer‑vs‑enterprise pivot that determines the rest of setup. This part of the series breaks down those hidden flows — the CEH pipelines, TPM trust establishment, Autopilot token exchanges, and the orchestration logic that shapes modern Windows provisioning. [Read More]
Copyright © 2022, MDM Tech Space - Joymalya Basu Roy