Customers are inundated with the ever-flowing stream of updates to all of our services and products. I know it's hard to keep up, and it's even harder to commit time to learn about all the new stuff. I've mulled for a time how to deliver bite-sized nuggets of Microsoft Security information in a way that …
The Microsoft Security Operations Guide Contains Microsoft Sentinel Templates for Things to Monitor
Thanks to a huge collaborative effort, there's now some additional value in the Microsoft Security Operations Guide - specifically for Microsoft Sentinel customers. You can locate the full Security Operations Guide at the following link: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/security-operations-introduction Inside the guide, in each operations section you'll find a Things to Monitor table. This table provides guidance and …
Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint
Did you miss the live edition of the Microsoft Security Insights podcast on Wednesday evening? Never fear, the replay is here: https://www.twitch.tv/videos/1065493942 There was some fantastic Microsoft Defender for Endpoint knowledge administered by our guest PM, Yong Rhee. If you're an MDE fan, you'll want to catch this one. The biggest takeaway for me was …
Elephant Poop and MCAS on the Microsoft Security Insights Podcast and Live Twitch Stream
I'm guest-hosting the Microsoft Security Insights podcast for the next couple of weeks while Edward is off gallivanting, and you know I like to make things extra special when I'm on. This next week, just prior to digging into Microsoft security topics with our guest, Sarahzin Shane - a PM for MCAS, I'll be tasting …
Field Notes: Dealing with Phishing
Hackers turn to online scams to steal your personal information. Because of this, phishing prevention has become critical for every organization. Phishing emails may appear to be legitimate. In today’s world, you will likely be subjected to a phishing attack, meaning you'll need to be aware of the warning signs and know how to handle …
All the Microsoft Ninja Training I Know About
There's been a big rush of new interest in Microsoft security certifications recently. There are some fantastic Learn modules (the SC series) created to help those seeking certifications, but these are great sources of knowledge training by themselves. But a lot of you have shown interest in the "Ninja" training that's been put together by our …
Is it Time for an Analyst Assistant for Azure Sentinel?
Just a fun little blog post. Nothing serious here, just wanted to bring some joy into your life. I posted earlier about our new Incident Response Playbooks. These are awesome. And, if more of these are made available consistently, SOCs will have a great resource with which to build policies, procedures, and workflows specific to …
Incident Response Playbooks are the Guidance You Need
A new section has been developed and released in our Security Best Practices section of the docs platform. With hope that this will be built out further and we'll see additional guidance released, the Incident Response Playbooks section contains the following to start: Phishing, Password spray, App consent grant. Bookmark this page and watch for updates. These …
How to Use Azure Sentinel to Protect Against the Exchange Zero-day
If you've not heard by now and this is your first time hearing it, there's a 0-day in the wild that has been dubbed "HAFNIUM." HAFNIUM targets the following Exchange server versions: Microsoft Exchange Server 2013, Microsoft Exchange Server 2016, and Microsoft Exchange Server 2019. Exchange Online is not affected. The vulnerabilities being exploited are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and …
Security – “The Best Christmas Gift, Securing your Accounts (‘Tis the season to be hacked on Facebook)”
Issue: It's December and time to let your hair down. It could be a time to relax, do some reading or even take time to upskill in a new technology. Perhaps catch up with friends and family. But if you think you can completely relax just remember, your identities on-the-line (Vince Vaughn) are open and exposed …