Alright, it’s time to bring together everything we learned so far in this series. Previously, we looked at the simplest way to collect logs, how to use the Log Monitor tool, and how to make things simpler with Windows Admin ... continue reading

Azure Active Directory's Conditional Access feature is great for reducing risk during sign-in attempts, by analyzing the user and sign-in conditions and applying appropriate policy controls. These can include prompting for multi-factor authentication or blocking the sign-in attempt. Unfortunately, some ... continue reading

So far in this blog series, we’ve looked at the basics of troubleshooting applications on Windows containers as well as how to leverage the Log Monitor tool for that purpose. Today we’re going to start looking at ways to make ... continue reading

In recent weeks, Microsoft Security teams have been actively tracking a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements. As this campaign has accelerated, our teams have been focused on detection, customer ... continue reading

When is true not equal to true? An investigation of homoglyphs, their impact on code, and how to detect them. Statement of the problem Here is something I did for fun but stuff like this would be very difficult to ... continue reading

Privacy is of increasing importance to our customers. In addition to the well-known European General Data Protection Regulation (GDPR), privacy regulations are emerging in nearly every region with more than 70 percent of countries now having data protection and privacy ... continue reading

Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent ... continue reading

This article contributed by Linda Murray and Amy McAuley, Assc Consultants in Azure Cloud and AI at Microsoft. You can now connect AWS accounts to Microsoft Defender for Cloud, to get a unified multi-cloud view of your organization's security posture ... continue reading

In my previous blog post, I showed how to manually troubleshoot Windows Containers by opening an interactive session to a container, running a PowerShell session, and using the Get-WinEvent cmdlet to view the application logs on the container instance. While ... continue reading

In building and running a business, the safety and security of your and your customers' sensitive information and data is a top priority, especially when storing financial information and processing payments are concerned. The Payment Card Industry Data Security Standard ... continue reading