An image of the Microsoft 365 Defender dashboard.

Microsoft delivers unified SIEM and XDR to modernize security operations

The threat landscape continues to increase in both complexity and the level of sophistication of the attacks we observe. Attackers target the most vulnerable resources in an organization and then traverse laterally to target high-value assets. No longer can you ... continue reading

Manage USB Devices on Windows Hosts

Raven is a Miniature Schnauzer that doesn’t like small critters in the yard unless they can fly. This gives Raven an insurmountable challenge, since my wife is such an avid gardener. We live on the side of a hill ... continue reading

Azure Advanced Threat Protection Deployment and Troubleshooting

Hi IT Pros, Recently, I searched the internet and could not find the document for Azure ATP Setup and Troubleshooting. So, I prepared this document for our convenient reference and deployment in the future. Please check it out and give ... continue reading
Figure 1: Highest volume netblocks used in STRONTIUM auth attempts.

STRONTIUM: Detecting new patterns in credential harvesting

Microsoft has tied STRONTIUM to a newly uncovered pattern of Office365 credential harvesting activity aimed at US and UK organizations directly involved in political elections. Analysts from Microsoft Threat Intelligence Center (MSTIC) and Microsoft Identity Security have been tracking this ... continue reading
AppGuard Policies

Microsoft Defender Application Guard for Office

Introduction: This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will focus on a future release of Microsoft Defender Application Guard for Office available in limited preview for Windows 10 20H2. Windows 10 20H2 is now available for commercial customers to ... continue reading

Deploying Microsoft Defender Advanced Threat Protection for Linux Servers.

Hi IT Pro, The following is a step-by-step document for Linux ATP deployment. Let's start your Linux ATP deployment! Microsoft Defender Advanced Threat Protection (MD ATP) support for Linux with kernel version 3.10.0-327 or later, including the following Linux flavours: Red Hat Enterprise Linux 7.2 or higher ... continue reading
An image of the management of the lifecycle of a discovered app.

Microsoft Zero Trust deployment guide for your applications

Introduction: More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from ... continue reading
Diagram showing pairs of machine learning models on the endpoint and in the cloud using AMSI to detect malicious scripts

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe ... continue reading
An image showing the Microsoft "Permissions requested" dialogue.

How can Microsoft Threat Protection help reduce the risk from phishing?

Microsoft Threat Protection can help you reduce the cost of phishing. The true cost of a successful phishing campaign may be higher than you think. Although phishing defenses and user education have become common in many organizations, employees still fall ... continue reading
Advanced Settings

Microsoft Defender ATP: Remediate Apps Using MEM

Introduction: This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will walk you through the steps of navigating through the Microsoft Defender Advanced Threat Protection (ATP) portal to see ... continue reading