Introducing a New Series Called Security Rodcasts

Customers are inundated with the ever-flowing stream of updates to all of our services and products. I know it's hard to keep up, and it's even harder to commit time to learn about all the new stuff. I've mulled for a time how to deliver bite-sized nuggets of Microsoft Security information in a way that …

The Microsoft Security Operations Guide Contains Microsoft Sentinel Templates for Things to Monitor

Thanks to a huge collaborative effort, there's now some additional value in the Microsoft Security Operations Guide - specifically for Microsoft Sentinel customers. You can locate the full Security Operations Guide at the following link: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/security-operations-introduction Inside the guide, in each operations section you'll find a Things to Monitor table. This table provides guidance and …

Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint

Did you miss the live edition of the Microsoft Security Insights podcast on Wednesday evening? Never fear, the replay is here: https://www.twitch.tv/videos/1065493942 There was some fantastic Microsoft Defender for Endpoint knowledge administered by our guest PM, Yong Rhee. If you're an MDE fan, you'll want to catch this one. The biggest takeaway for me was …

Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream

I'm guest-hosting the Microsoft Security Insights podcast for the next couple weeks while Edward is off gallivanting, and you know I like to make things extra special when I'm on. This next week, just prior to digging into Microsoft security topics with our guest, Sarahzin Shane - a PM for MCAS, I'll be tasting …

Field Notes: Dealing with Phishing

Hackers turn to online scams to steal your personal information; because of this, phishing prevention has become critical for every organization. Phishing emails may appear to be legitimate. In today's world, you will likely be subjected to a phishing attack, meaning you'll need to be aware of the warning signs and know how to handle …

All the Microsoft Ninja Training I Know About

There's been a big rush of new interest in Microsoft security certifications recently. There are some fantastic Learn modules (the SC series) created to help those seeking certifications, but these are great sources of knowledge training by themselves. But a lot of you have shown interest in the "Ninja" training that's been put together by our …

Is it Time for an Analyst Assistant for Azure Sentinel?

Just a fun little blog post. Nothing serious here, just wanted to bring some joy into your life. I posted earlier about our new Incident Response Playbooks. These are awesome. And, if more of these are made available consistently, SOCs will have a great resource with which to build policies, procedures, and workflows specific to …

Incident Response Playbooks are the Guidance You Need

A new section has been developed and released in our Security Best Practices section of the docs platform. With hope that this will be built out further and we'll see additional guidance released, the Incident Response Playbooks section contains the following to start: Phishing, Password spray, App consent grant. Bookmark this page and watch for updates. These …

How to Use Azure Sentinel to Protect Against the Exchange Zero-day

If you've not heard by now and this is your first time hearing it, there's a 0-day in the wild that has been dubbed "HAFNIUM." HAFNIUM targets the following Exchange server versions: Microsoft Exchange Server 2013, Microsoft Exchange Server 2016, Microsoft Exchange Server 2019. Exchange Online is not affected. The vulnerabilities being exploited are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and …

Security – “The Best Christmas Gift, Securing your Accounts (‘Tis the season to be hacked on Facebook)”

Issue: It's December and time to let your hair down. It could be a time to relax, do some reading or even take time to upskill in a new technology. Perhaps catch up with friends and family. But if you think you can completely relax just remember, your identities on-the-line (Vince Vaughn) are open and exposed …