An image of a GADOLINIUM controlled Microsoft TechNet profile established in 2016.

Microsoft Security—detecting empires in the cloud

Microsoft consistently tracks the most advanced threat actors and evolving attack techniques. We use these findings to harden our products and platform and share them with the security community to help defenders everywhere better protect the planet. Recently, the Microsoft ...
An image of the Microsoft 365 Defender dashboard.

Microsoft delivers unified SIEM and XDR to modernize security operations

The threat landscape continues to increase in both complexity and the level of sophistication of the attacks we observe. Attackers target the most vulnerable resources in an organization and then traverse laterally to target high-value assets. No longer can you ...
An image of the SOC Vectra Triad.

Vectra and Microsoft join forces to step up detection and response

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Traditional security operations center (SOC) processes typically involve a wide variety of disparate event notification tools that force ...

Manage USB Devices on Windows Hosts

Raven is a Miniature Schnauzer that doesn't like small critters in the yard unless they can fly. This gives Raven an insurmountable challenge, since my wife is such an avid gardener. We live on the side of a hill ...

Azure Advanced Threat Protection Deployment and Troubleshooting

Hi IT Pros, Recently, I searched the internet and could not find the document for Azure ATP Setup and Troubleshooting. So, I prepared this document for our convenient reference and deployment in the future. Please check ...

Industry-wide partnership on threat-informed defense improves security for all

MITRE Engenuity's Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 (which Microsoft tracks as TAAL), a collection of threat intelligence, MITRE ATT&CK data, supporting scripts, and utilities designed to enable red ...
Figure 1: Highest volume netblocks used in STRONTIUM auth attempts.

STRONTIUM: Detecting new patterns in credential harvesting

Microsoft has tied STRONTIUM to a newly uncovered pattern of Office 365 credential harvesting activity aimed at US and UK organizations directly involved in political elections. Analysts from the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Identity Security have been tracking this ...

Accelerate your adoption of SIEM using Azure Sentinel and a new offer from Microsoft

Take advantage of the efficiency benefits of cloud-native SIEM using Azure Sentinel. Today, security needs are evolving faster than ever—and the importance of being agile and cost-effective has never been clearer. Security teams need to get more done, faster, with ...
AppGuard Policies

Microsoft Defender Application Guard for Office

Introduction. This is John Barbare and I am a Sr. Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will focus on a future release of Microsoft Defender Application Guard for Office, available in limited preview for Windows 10 20H2. Windows 10 20H2 is now available for commercial customers to ...

Deploying Microsoft Defender Advanced Threat Protection for Linux Servers.

Hi IT Pro, The following is a step-by-step document for Linux ATP deployment. Let's start your Linux ATP deployment! Microsoft Defender Advanced Threat Protection (MD ATP) supports Linux with kernel version 3.10.0-327 or later, including the following Linux flavours: Red Hat Enterprise Linux 7.2 or higher ...