Microsoft Endpoint Manager: Create & Audit an ASR Policy

Introduction: This is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating an Attack Surface Reduction (ASR) rule ... continue reading

Azure Files support and new updates in advanced threat protection for Azure Storage

A year ago we announced the general availability of advanced threat protection for Azure Storage, to help our customers better protect their data in blob containers from the growing risk of cyberattacks. Since then, advanced threat protection for Azure Storage ... continue reading

Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents

Cybersecurity incidents are never contained to just one of your organization’s assets. Most attacks involve multiple elements across domains, including email, endpoints, identities, and applications. To rapidly understand and address incidents, your Security Operations Center (SOC) analysts need to be ... continue reading

Protecting your remote workforce from application-based attacks like consent phishing

The global pandemic has dramatically shifted how people work. As a result, organizations around the world have scaled up cloud services to support collaboration and productivity from home. We’re also seeing more apps leverage Microsoft’s identity platform to ensure seamless ... continue reading

Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting

Threat hunting is a powerful way for the SOC to reduce organizational risk, but it’s commonly portrayed and seen as a complex and mysterious art form for deep experts only, which can be counterproductive. In this and the next blog ... continue reading

Defending Exchange servers under attack

Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, ... continue reading

Stay ahead of attacks with Azure Security Center

With massive workforces now remote, the stress of IT admins and security professionals is compounded by the increased pressure to keep everyone productive and connected while combatting evolving threats. Now more than ever, organizations need to reduce costs, keep up ... continue reading

CISO Stressbusters: Post #2: 4 tips for getting the first 6 months right as a new CISO

In your first six months in a new Chief Information Security Officer (CISO) role, you will often be tasked with building a security program. For some of us this is the most exciting part of the job, but it can ... continue reading

Microsoft continues to extend security for all with mobile protection for Android

Just a year ago, we shared our first steps on a journey to enable our customers to protect endpoints running a variety of platforms with our announcement of Microsoft Defender ATP for Mac. Knowing that each of our customers has ... continue reading

Modernizing the security operations center to better secure a remote workforce

The response to COVID-19 has required many security operations centers (SOCs) to rethink how they protect their organizations. With so many employees working remotely, IT groups are routing more traffic directly to cloud apps, rather than through the network. In ... continue reading