An image of the Microsoft 365 Defender dashboard.

Microsoft delivers unified SIEM and XDR to modernize security operations

The threat landscape continues to increase in both complexity and the level of sophistication of the attacks we observe. Attackers target the most vulnerable resources in an organization and then traverse laterally to target high-value assets. No longer can you ...
An image of Microsoft Defender for Endpoint on an Android device.

Microsoft announces cloud innovation to simplify security, compliance, and identity

2020 will be remembered as a year of historic transformation. The pandemic has changed the way businesses operate and people work. One thing that has not changed is our basic human nature and the need to feel safe. Being safe ...
An image of Microsoft Secure Score.

Microsoft Security: Use baseline default tools to accelerate your security career

I wrote a series of blogs last year on how gamified learning through cyber ranges can create more realistic and impactful cybersecurity learning experiences and help attract tomorrow’s security workforce. With the global talent shortage in this field, we need ...

Deploying Microsoft Defender Advanced Threat Protection for Linux Servers

Hi IT Pro, the following is a step-by-step document for Linux ATP deployment. Let's start your Linux ATP deployment! Microsoft Defender Advanced Threat Protection (MD ATP) supports Linux with kernel version 3.10.0-327 or later, including the following Linux flavours: Red Hat Enterprise Linux 7.2 or higher ...
Diagram showing pairs of machine learning models on the endpoint and in the cloud using AMSI to detect malicious scripts

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe ...

Microsoft Defender ATP: Web Content Filtering

Introduction: This is John Barbare and I am a Sr. Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will focus on the newly released feature of web content filtering in Microsoft Defender Advanced Threat Protection (ATP). Before July 6th, 2020 you either ...

Microsoft Defender ATP Daily Operation – Part 1

Hello IT Pros, I have combined the information for the Security Team who monitor, respond to and manage the ATP Portal on a daily basis. Please check it out and give your feedback. ALERT MANAGEMENT: The alert response could be done as ...

Microsoft Advanced Threat Protection for Linux

Microsoft Defender Advanced Threat Protection (MD ATP) supports Linux with kernel version 3.10.0-327 or later, including the following Linux flavours: Red Hat Enterprise Linux 7.2 or higher, CentOS 7.2 or higher, Ubuntu 16.04 LTS or higher LTS, Debian ...
Diagram showing an attack chain involving attack sprawl and techniques like overpass-the-hash

Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics

In theory, a cyberattack can be disrupted at every phase of the attack chain. In reality, however, defense stack boundaries should overlap in order to be effective. When a threat comes via email, for example, even with good security solutions ...