Select Page
TanTran_0-1611239541045.png

Microsoft Defender for Endpoint Adding Tags for Multiple Devices from CSV List

Bruno Gabrielli and Tan Tran Dear IT Pros, Related to Microsoft Defender for Endpoint, recently we got a request from a customer to create the Defender group of tool devices running Windows 10 Operating Systems. This device group later will ... continue reading
Azure Sentinel Analytics menu

Azure Sentinel: Using rule templates

Microsoft's Azure Sentinel, our Security Incident and Event Management (SIEM) solution, enables you to connect activity data from different sources into a shared workspace. That data ingestion is just the first step in the process though. The power comes from ... continue reading
m1.png

Microsoft Defender for Endpoint Upgrade Readiness MacOS Big Sur

Hi IT Pros, Today we discuss about preparing our MD for Endpoint on Organization’s MacOS Systems and make them ready for “Big Sur”, the greatest and latest version of Mac operating system which is released by Apple on the 12th ... continue reading
PassTests.gif

Have Your Company's Systems Passed All Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Graph.png

Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers.

Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading
PassTests.gif

Have Your Company's Systems Passed All the Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Protecting Microsoft 365 from on-premises attacks

Protecting Microsoft 365 from on-premises attacks

Many customers connect their private corporate networks to Microsoft 365 to benefit their users, devices, and applications. However, there are many well-documented ways these private networks can be compromised. As we have seen in recent events related to the SolarWinds ... continue reading
Microsoft Secure Score screen image

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication (MFA), and the removal ... continue reading
Azure Defender for Resource Manager monitors resource management operations to protect your Azure environment.

New cloud-native breadth threat protection capabilities in Azure Defender

As the world adapts to working remotely, the threat landscape is constantly evolving, and security teams struggle to protect workloads with multiple solutions that are often not well integrated nor comprehensive enough. This results in serious threats avoiding detection, as ... continue reading
Orgs with ZeroLogon exploitation attempts by red teams and real attackers starting September 13, 2020

Zerologon is now detected by Microsoft Defender for Identity

There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to ... continue reading