How to Find How Long an Azure Security Center Recommendation Has Been Open

Azure Security Center provides awesome capability to deliver recommendations on how to better secure the existing environment and also how to deploy new workloads securely. This evaluation is continuous and it should be part of a daily or weekly regimen to review the recommendation list and take action where necessary. But, what if you want … Continue reading How to Find How Long an Azure Security Center Recommendation Has Been Open →

July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

A couple weeks back during the Microsoft Security Insights Podcast, the topic of Azure Arc came up in reference to the new AMA client that uses DCRs to help filter the Windows events collected from on-prem servers and sent to the Log Analytics workspace for Azure Sentinel. At the time, I suggested Thomas Maurer would … Continue reading July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream →

Integrate Microsoft Defender for Identity with Syslog (SIEM)

Microsoft Defender for Identity (MDI) can be easily integrated with your Syslog server. You can be notified of new suspicious activities by sending security and health alerts to your Syslog server.

Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint

Did you miss the live edition of the Microsoft Security Insights podcast on Wednesday evening? Never fear, the replay is here: https://www.twitch.tv/videos/1065493942 There was some fantastic Microsoft Defender for Endpoint knowledge administered by our guest PM, Yong Rhee. If you're an MDE fan, you'll want to catch this one. The biggest takeaway for me was … Continue reading Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint →

Replay Available: Cicadas and Microsoft Defender for Identity on the Microsoft Security Insights Podcast

Edward was out again this week so I filled in, helping as a guest-host once again. The discussion was wonderful and I learned a heap about Microsoft Defender for Identity, including some things I've been asked about by customers recently. Now, I can go back to those customers and sound really cool and intelligent. I … Continue reading Replay Available: Cicadas and Microsoft Defender for Identity on the Microsoft Security Insights Podcast →

Replay: Sarahzin Shane, MCAS and Elephant Made Coffee on the Microsoft Security Insights Podcast

Did you miss the live event on Wednesday evening this week? This week's episode of the Microsoft Security Insights podcast saw myself and Nathan Swift co-guest hosting - but even more importantly we had an amazing discussion around Microsoft Cloud App Security with program manager, Sarahzin Shane. Sarahzin provided some awesome information including sharing the … Continue reading Replay: Sarahzin Shane, MCAS and Elephant Made Coffee on the Microsoft Security Insights Podcast →

Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream

I'm guest-hosting the Microsoft Security Insights podcast for the next couple weeks while is Edward is off galivanting and you know I like to make things extra special when I'm on. This next week, just prior to digging into Microsoft security topics with our guest, Sarahzin Shane - a PM for MCAS, I'll be tasting … Continue reading Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream →

Field Notes: Dealing with Phishing

Hackers turn to online scams to steal your personal information, because of this phishing prevention has become critical for every organization. Phishing emails may appear to be legitimate. In today’s world, you will likely be subjected to a phishing attack, meaning you'll need to be aware of the warning signs and know how to handle … Continue reading Field Notes: Dealing with Phishing →

All the Microsoft Ninja Training I Know About

There's been a big rush of new interest in Microsoft security certifications recently. There's some fantastic Learn modules (the SC series) created to help those seeking certifications, but these are great sources of knowledge training by themselves. But, a lot of you have shown interest in the "Ninja" training that's been put together by our … Continue reading All the Microsoft Ninja Training I Know About →

Field notes: Working with MCAS Alerts

This will be a series of articles on how to investigate MCAS alerts. In this first article I will start to cover the basics for activity and anomaly alerts. As we already know, in todays Microsoft Cloud App Security, we can encounter different alerts every day. How do we know where to start the investigation? … Continue reading Field notes: Working with MCAS Alerts →