Not too long ago, it was the first day of school, then it was the first NFL game and we just passed the first day of fall.  As seasons change, I am reminded of the things that I should do ... continue reading

We discussed Microsoft Detection and Response Team’s (DART) threat hunting principles in part 1 of The art and science behind Microsoft threat hunting blog series. In this follow-up post, we will talk about some general hunting strategies, frameworks, tools, and ... continue reading

What changes after compromise recovery? After the final compromise recovery, steps have been completed and we are back in control. There has been a round of applause and many sighs of relief.  Now what? Is everything going back to as ... continue reading

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  Endpoint protection platforms (EPPs) are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ... continue reading

When summer 2021 ended, many organizations faced the formidable challenge of how to return to their places of work and school safely. Tuskegee University (Tuskegee) was one of them—not only was the safe return of students and faculty to school a priority ... continue reading

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and ... continue reading

When we first released Network ATC, we greatly simplified the deployment and on-going management of host networking in Azure Stack HCI. Whether it was the simple yet powerful deployment experience, a “that was easy” cluster expansion process, or increased reliability ... continue reading

Introduction: In part 1, we saw how to use MEM portal to view and recover Bitlocker recovery keys for ConfigMgr clients that are tenant attached. In part 2 of this blog, we will see how to migrate Bitlocker keys to ... continue reading

Almost two years ago, the National Defense Science Board invited me to participate in the Summer Study 2020 Panel, “Protecting the Global Information Infrastructure.” They requested that I brief them on the evolution of the global communications infrastructure connecting all ... continue reading