Monday, January 1, 2018

Set Up Automatic Restore Points within Windows 10

To set up automatic restore points within Windows 10, search for “system restore”, click the Configure button, and verify that the feature is enabled.

With Windows 10 Pro, launch the local Group Policy editor (gpedit.msc) and access the following path:

Computer Configuration -> Administrative Templates -> Windows Components -> Windows Defender Antivirus -> Scan

Enable the “Create a system restore point” option.

http://www.itprotoday.com/windows-10/how-set-automatic-restore-points-windows-10

ASLR Registry setting with Windows

Windows 8 and later changed how system-wide mandatory ASLR is implemented: system-wide bottom-up ASLR must also be enabled for mandatory ASLR to receive any entropy.

To enable both bottom-up ASLR and mandatory ASLR system-wide on a Windows 8 or later machine, import the following registry value:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel]
"MitigationOptions"=hex:00,01,01,00,00,00,00,00,00,00,00,00,00,00,00,00

https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/

http://www.kb.cert.org/vuls/id/817544
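As an added example (not code from the original post or the linked Microsoft article), the following Python decodes a MitigationOptions value such as the one above and reports the state the article warns about, mandatory ASLR turned on without bottom-up ASLR. The two-bit field layout is the one used by the PROCESS_CREATION_MITIGATION_POLICY_* constants (force relocate images at bits 8-9, bottom-up ASLR at bits 16-17); the embedded .reg text is a constructed copy of the value shown above.

```python
import re

# Two-bit fields in the little-endian MitigationOptions value; the shifts are
# those of the PROCESS_CREATION_MITIGATION_POLICY_* constants.
FIELDS = {
    "FORCE_RELOCATE_IMAGES": 8,   # "mandatory ASLR"
    "HEAP_TERMINATE": 12,
    "BOTTOM_UP_ASLR": 16,
    "HIGH_ENTROPY_ASLR": 20,
}
# State 3 (ALWAYS_ON_REQ_RELOCS) is only defined for FORCE_RELOCATE_IMAGES.
STATES = {0: "DEFER", 1: "ALWAYS_ON", 2: "ALWAYS_OFF", 3: "ALWAYS_ON_REQ_RELOCS"}

# Constructed sample input: a copy of the .reg text from this post.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel]
"MitigationOptions"=hex:00,01,01,00,00,00,00,00,00,00,00,00,00,00,00,00
'''


def parse_mitigation_options(reg_text: str) -> int:
    """Return the first 8 bytes of MitigationOptions as a little-endian int.
    Hex bytes may be split over continuation lines ending in a backslash."""
    m = re.search(r'"MitigationOptions"=hex:([0-9a-fA-F,\\\s]+)', reg_text)
    if not m:
        raise ValueError("MitigationOptions value not found")
    raw = re.sub(r"[\\\s]", "", m.group(1))
    data = bytes(int(b, 16) for b in raw.split(",") if b)
    return int.from_bytes(data[:8], "little")


def decode(value: int) -> dict:
    """Map each mitigation field to the name of its two-bit state."""
    return {name: STATES[(value >> shift) & 0b11] for name, shift in FIELDS.items()}


def check(value: int) -> list:
    """Flag mandatory ASLR enabled while bottom-up ASLR is not ALWAYS_ON:
    relocated images then receive no entropy, as the article explains."""
    f = decode(value)
    findings = []
    if f["FORCE_RELOCATE_IMAGES"].startswith("ALWAYS_ON") and f["BOTTOM_UP_ASLR"] != "ALWAYS_ON":
        findings.append("mandatory ASLR is on but bottom-up ASLR is not: "
                        "relocated images get no entropy")
    return findings


if __name__ == "__main__":
    v = parse_mitigation_options(SAMPLE_REG)
    print(hex(v), decode(v), check(v) or "OK")
```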

osquery

osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.

https://osquery.io/

Rescatux

Rescatux is a Debian-based GNU/Linux live distribution that includes a graphical wizard for rescuing broken GNU/Linux installations. The available rescue options include restoring the GRUB bootloader after a Windows installation, Linux and Windows password resets, and Linux file system checks.

https://www.supergrubdisk.org/rescatux/

Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete with a collection of endpoint security tooling and logging best practices.

https://isc.sans.edu/forums/diary/Detection+Lab+Visibility+Introspection+for+Defenders/23135/

https://github.com/clong/DetectionLab

Datally for Android

Datally is an Android application from Google. It’s a mobile data manager that helps you monitor, save, and control your mobile data usage.

https://play.google.com/store/apps/details?id=com.google.android.apps.freighter&hl=en

Secure Score with Office 365

Office 365 Secure Score is a tool for analyzing and implementing security best practices in your Office 365 tenant.

https://www.petri.com/improve-office-365-security-using-secure-score

https://blogs.technet.microsoft.com/office365security/using-the-office-365-secure-score-api/

Handoff option within iOS

Handoff is a feature that moves tasks and data seamlessly between iOS devices and Macs. Handoff lets you start writing an email on your iPhone and pass it to your Mac for completion and sending. To disable the feature, go to Settings -> General -> Handoff.