Threat hunting in Azure Advanced Threat Protection (ATP)

As members of Microsoft’s Detection and Response Team (DART), we’ve seen a significant increase in adversaries “living off the land” and using compromised account credentials for malicious purposes. From an investigation standpoint, tracking adversaries using this method is quite difficult ... continue reading

Zero Hype

At Ignite, I had the privilege of presenting “Zero Hype” with my colleagues Nupur Goyal (@nupur_11) who leads our Product Marketing, and Yinon Costica (@c0stica) who directs program management for Azure Security Center, Microsoft Cloud App Security, and Azure ATP ... continue reading
Image showing "Signers" in the credential dumping tool, signed using a stolen Whizzimo, LLC certificate.

GALLIUM: Targeting global telecom

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers. When Microsoft customers have been targeted by this activity, we notified them directly with the relevant information they need ... continue reading
A timeline of RPO and RTO in a BAU scenario.

Disaster recovery for SAP HANA Systems on Azure

This blog will cover the design, technology, and recommendations for setting up disaster recovery (DR) for an enterprise customer, to achieve best in class recovery point objective (RPO) and recovery time objective (RTO) with an SAP S/4HANA landscape. This post ... continue reading

Assessing your Zero Trust readiness with the Microsoft Maturity Model

The traditional firewall (VPN security model) assumed you could establish a strong perimeter and then trust that activities within that perimeter were “safe.” As we digitally transform our companies, we need to transform our security model to one which assumes ... continue reading

Traditional perimeter-based network defense is obsolete—transform to a Zero Trust model

Digital transformation has made the traditional perimeter-based network defense obsolete. Your employees and partners expect to be able to collaborate and access organizational resources from anywhere, on virtually any device, without impacting their productivity. Customers expect personalized experiences that demonstrate ... continue reading

What are the Differences Between Azure Active Directory and Azure Active Directory Domain Services?

I met with some customers last week, and we had a great conversation about Active Directory and the differences between all the flavours available to them when adopting a hybrid posture. More specifically, what are the differences between: Azure Active ... continue reading

Enhanced Audit Status Message Queries

First published on TECHNET on Mar 18, 2019. Authored by Brandon McMillan. Hello everyone! My name is Brandon McMillan and I am a System Center Configuration Manager (ConfigMgr) PFE. I have found that Status Message Queries can be one of the more ... continue reading
Chart showing vulnerability, patch release, and outbreak. Vulnerability: MS08-067; Patch release: October 23, 2008; Outbreak: late December 2008. Vulnerability: MS17-010; Patch release: March 14, 2017; Outbreak: May 12, 2017. Vulnerability: CVE-2019-0708; Patch release: May 13, 2019; Outbreak column shows three question marks.

Protect against BlueKeep

Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection ... continue reading
An image depicting how VNet peering connects VNets.

Choosing between Azure VNet Peering and VNet Gateways

As customers adopt Azure and the cloud, they need fast, private, and secure connectivity across regions and Azure Virtual Networks (VNets). Based on the type of workload, customer needs vary. For example, if you want to ensure data replication across ... continue reading