Azure Sentinel Analytics menu

Azure Sentinel: Using rule templates

Microsoft's Azure Sentinel, our Security Incident and Event Management (SIEM) solution, enables you to connect activity data from different sources into a shared workspace. That data ingestion is just the first step in the process though. The power comes from ... continue reading

Microsoft Defender for Endpoint Upgrade Readiness MacOS Big Sur

Hi IT Pros, Today we discuss preparing our MD for Endpoint on the Organization’s MacOS Systems and making them ready for “Big Sur”, the greatest and latest version of the Mac operating system, which was released by Apple on the 12th ... continue reading

Have Your Company's Systems Passed All Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading

Understanding “Solorigate”’s Identity IOCs – for Identity Vendors and their customers.

Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading

Have Your Company's Systems Passed All the Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Microsoft Secure Score screen image

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication (MFA), and the removal ... continue reading

Terranova Security Gone Phishing Tournament reveals continued weak spot in cybersecurity

The Terranova Security annual Gone Phishing Tournament wrapped up in October 2020, spanning 98 countries and industries including healthcare, consumer goods, transport, energy, IT, finance, education, manufacturing, and more. Using templates created from actual phishing attacks created by Microsoft Security, ... continue reading
Azure Defender for Resource Manager monitors resource management operations to protect your Azure environment.

New cloud-native breadth threat protection capabilities in Azure Defender

As the world adapts to working remotely, the threat landscape is constantly evolving, and security teams struggle to protect workloads with multiple solutions that are often not well integrated nor comprehensive enough. This results in serious threats avoiding detection, as ... continue reading
Orgs with ZeroLogon exploitation attempts by red teams and real attackers starting September 13, 2020

Zerologon is now detected by Microsoft Defender for Identity

There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to ... continue reading

Demystifying Ransomware Attacks Against Microsoft Defender Solution

Hi IT Pros, As you know, ransomware is in aggravated assault mode at this time of year 2020. The joint cybersecurity advisory comes from the Cybersecurity Infrastructure and Security Agency (CISA), the Federal Bureau of Investigation (FBI), and ... continue reading