Adding user risk to your STAT playbook Now that you’ve got your first playbook set up, let’s talk about what each module does. We’re going to start with the Azure AD Risks module. This module retrieves several pieces of information to help enrich your incident. The risk level for the users in the incident as … Continue reading Automate your SOC – Oh, that user again?
Azure AD PowerShell to Microsoft Graph PowerShell
Overview: You might have heard about AzureAD PowerShell module deprecation. So, in this article we will summarize the migration between Azure AD PowerShell to Microsoft Graph PowerShell and will provide you with all the relevant info and links in one place, to get you up and running with the new MS Graph Module. The best … Continue reading Azure AD PowerShell to Microsoft Graph PowerShell
Use Winget Windows Package Manager Tool to Install Published Apps using Intune
Now that the Microsoft Store for Business has been retired and the new integration between Intune and the Microsoft Store, we have seen that the specific application you are looking for might not yet be available, but is available on the winget repository. In this blog I will show you how to create such applications … Continue reading Use Winget Windows Package Manager Tool to Install Published Apps using Intune
Automate your SOC – Risky Business
Giving your incidents a risk score So, you’ve installed STAT using the deployment ARM template? Yes, ok let’s go. If not, see our tutorial on getting it installed here. Let’s start by navigating to your Logic Apps blade in the Azure portal. Here you will see that STAT installed fifteen logic apps. We will go … Continue reading Automate your SOC – Risky Business
Microsoft Secure Digital Event
Join us March 28 at 8:30 AM PDT for a brand-new digital event, Microsoft Secure—a place for security professionals to explore the most comprehensive, industry-leading solutions to help you protect everything.
Automate your SOC – Noise is the enemy of speed
As you can imagine, Microsoft has a massive security footprint. We’ve published previously that we get more than 20 billion cybersecurity events per day. That is an incredible number and you can imagine how difficult it must be to sort through all that data to find real threats. You may not have that many events, … Continue reading Automate your SOC – Noise is the enemy of speed
Automate your SOC – Let’s talk about STAT, baby
Let's talk about SIEM and me...let's talk about all the good things Last week, we talked about automating your SOC with the Microsoft Sentinel Triage Assistant (STAT). So this week, we thought it would be a good idea to talk about how to get STAT deployed in your Sentinel environment. Remember that STAT consists of … Continue reading Automate your SOC – Let’s talk about STAT, baby
Let’s automate your SOC
Intro to Microsoft Sentinel Triage Assistant (STAT) We wanted to jump right in to help you automate your security operations by introducing the Microsoft Sentinel Triage Assistant or STAT for short. STAT is built on a series of Azure Logic Apps which can be integrated into Microsoft Sentinel, Azure Active Directory, and the 365 Defender … Continue reading Let’s automate your SOC
Use the Microsoft Authenticator application as backup sign-in method when mobile device has no connectivity.
You can use the Microsoft Authenticator application to complete MFA (Multi-Factor Authentication) sign-in when your mobile device has no connectivity. The Authenticator application functions as the primary and backup sign-in method.
Azure MFA | Number Matching Enabled by Default
Number matching is a key security upgrade to traditional second factor notifications in Microsoft Authenticator. Microsoft will remove the admin controls and enforce the number match experience tenant-wide for all users starting May 8, 2023.
You must be logged in to post a comment.