Author: Louis Dalton

Microsoft Employee within the Cyber Security Engineering teams blogging about all M365 security products such as Sentinel, Azure Defender (ASC), Defender product suite, MCAS and many other security principals like exams and best practices (SOC, threat hunting etc)

Microsoft Defender for Server Reference Architecture and Deployment Guide

When coming to deploying Defender for Servers within Microsoft Defender for Cloud, there are a number of considerations and factors which need focus to ensure a successful implementation. My goal here is to provide a reference architecture with steps that show at a high level the core areas of focus, calling out core integrations and … Continue reading Microsoft Defender for Server Reference Architecture and Deployment Guide

Azure Lighthouse DRM Controls with Microsoft Sentinel

Recently, I was asked about our strategy around providing controls to Azure Lighthouse, and it's ability to DRM external users from external tenants or subscriptions, and guest them into a production or customer owned tenant, providing a significant data exfiltration risk where a malicious, or unaware privileged user could cause a serious security incident. A … Continue reading Azure Lighthouse DRM Controls with Microsoft Sentinel

Microsoft Defender For Cloud? – The Edge of Ingite

Azure Defender, Security Center?Azure Defender and ASC. The hot topic of recent months, and one that I have been asked about more than any other product or topic. Yesterday, a rebrand annoucement was made to try and address some of the confusion in terms of what it is and how it fits. I think this … Continue reading Microsoft Defender For Cloud? – The Edge of Ingite