Replay Available: Cicadas and Microsoft Defender for Identity on the Microsoft Security Insights Podcast

Edward was out again this week so I filled in, helping as a guest-host once again. The discussion was wonderful and I learned a heap about Microsoft Defender for Identity, including some things I've been asked about by customers recently. Now, I can go back to those customers and sound really cool and intelligent. I … Continue reading Replay Available: Cicadas and Microsoft Defender for Identity on the Microsoft Security Insights Podcast →

Replay: Sarahzin Shane, MCAS and Elephant Made Coffee on the Microsoft Security Insights Podcast

Did you miss the live event on Wednesday evening this week? This week's episode of the Microsoft Security Insights podcast saw myself and Nathan Swift co-guest hosting - but even more importantly we had an amazing discussion around Microsoft Cloud App Security with program manager, Sarahzin Shane. Sarahzin provided some awesome information including sharing the … Continue reading Replay: Sarahzin Shane, MCAS and Elephant Made Coffee on the Microsoft Security Insights Podcast →

Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream

I'm guest-hosting the Microsoft Security Insights podcast for the next couple weeks while is Edward is off galivanting and you know I like to make things extra special when I'm on. This next week, just prior to digging into Microsoft security topics with our guest, Sarahzin Shane - a PM for MCAS, I'll be tasting … Continue reading Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream →

Field Notes: Dealing with Phishing

Hackers turn to online scams to steal your personal information, because of this phishing prevention has become critical for every organization. Phishing emails may appear to be legitimate. In today’s world, you will likely be subjected to a phishing attack, meaning you'll need to be aware of the warning signs and know how to handle … Continue reading Field Notes: Dealing with Phishing →

All the Microsoft Ninja Training I Know About

There's been a big rush of new interest in Microsoft security certifications recently. There's some fantastic Learn modules (the SC series) created to help those seeking certifications, but these are great sources of knowledge training by themselves. But, a lot of you have shown interest in the "Ninja" training that's been put together by our … Continue reading All the Microsoft Ninja Training I Know About →

Field notes: Working with MCAS Alerts

This will be a series of articles on how to investigate MCAS alerts. In this first article I will start to cover the basics for activity and anomaly alerts. As we already know, in todays Microsoft Cloud App Security, we can encounter different alerts every day. How do we know where to start the investigation? … Continue reading Field notes: Working with MCAS Alerts →

Replay Now Available: Microsoft Security Insights with Chris Boehm and Jing Nghik

If you missed the live event last week when Nathan Swift and myself took over the Microsoft Security Insights Podcast and Twitch stream, the replay is now available: Audio Podcast: http://microsoftsecurityinsights.com/043-azure-sentinel-with-chris-boehm-and-jing-nghik Twitch TV: https://www.twitch.tv/videos/953205246 ========================= [Want to discuss this further? Hit me up on Twitter or LinkedIn] [Subscribe to the RSS feed for this blog] … Continue reading Replay Now Available: Microsoft Security Insights with Chris Boehm and Jing Nghik →

New Microsoft Security Certifications released

Exams such as AZ-500 and MS-500 measures your overall knowledge of Azure and Microsoft 365 security solutions and features. Microsoft has now released four new exams measuring skills on specific security solutions instead. You can obtain a new Fundamentals certification and three new Associate certifications. The new exams/certifications are as follows: Exam SC-900 | Microsoft … Continue reading New Microsoft Security Certifications released →

New Microsoft Security Operations Analyst Associate Certification with Azure Sentinel and Defender

If you've taken the exam for the Microsoft Azure Security Engineer certification, you may have gotten a bit excited in mid-2020 when it was announced Azure Sentinel and Azure Security Center content would be added. I was (does that make me weird?). But, after that announcement, I was a bit disappointed in the number of … Continue reading New Microsoft Security Operations Analyst Associate Certification with Azure Sentinel and Defender →

Field Notes: Zerologon | CVE-2020-1472 | Manage Netlogon secure channel changes

The Netlogon vulnerability (CVE-2020-1472) is well documented and includes all the required remediation and preparation steps for the next update coming February 2021. We are less than a month away from the enforcement phase, and I have found that some customers are still unsure of what they need to do in regards to this vulnerability and the security updates. I've decided to publish this post to clarify the required actions, and tools available after deploying the August 2020 security update.