azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from GURU-BEAST-ROG at 2026-05-29 16:40:02

Browse Source 
Author: Mike Swanson
Machine: GURU-BEAST-ROG
Timestamp: 2026-05-29 16:40:02
This commit is contained in:
Mike Swanson
2026-05-29 16:40:12 -07:00
parent f576f7d686
commit 36fd44a8c8
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
clients/barbaragrygutis/session-logs/2026-05-29-session.md
View File

@@ -111,6 +111,18 @@ bash .claude/skills/remediation-tool/scripts/onboard-tenant.sh barbaragrygutis.c
---
## Update: 16:40 PT — Security Defaults check
Checked `identitySecurityDefaultsEnforcementPolicy` on the barbaragrygutis.com tenant.
**Security Defaults: ENABLED**
Baseline protections active: MFA enforced for all users (14-day grace on new sign-ins), legacy authentication blocked, privileged action protection. This explains why the credential spray is being blocked at the Microsoft layer. Security Defaults and custom CA policies are mutually exclusive — if granular CA is added in future, Security Defaults must be disabled first and replaced with equivalent policies.
Decision: leave account untouched until Barbara confirms she still has the iPhone 13 Pro Max with Authenticator registered. Security Defaults provide adequate baseline protection in the interim.
---
## Reference Information
- **Syncro ticket:** #32349 — https://computerguru.syncromsp.com/tickets/111566564