Select Page
Diagram showing pairs of machine learning models on the endpoint and in the cloud using AMSI to detect malicious scripts

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe ... continue reading
1.jpg

Gaining Trust in Your SCCM Console Monitoring

Hi Everyone! My Name is Fabian Scherer, Customer Engineer (CE – formally PFE) at Microsoft Germany for Microsoft Endpoint Manager related topics.   Challenge During the daily challenges at Customer Environments one thing was coming to my mind on every ... continue reading

Understanding ConfigMgr Software Inventory Throttling

  Hi, Jonas here! Or as we say in the north of Germany: "Moin Moin!"I am a Customer Engineer based in Germany and a while back I was asked about the software inventory (SINV) throttling process and if it can be ... continue reading
Diagram showing process tree

Seeing the big picture: Deep learning-based fusion of behavior signals for threat detection

The application of deep learning and other machine learning methods to threat detection on endpoints, email and docs, apps, and identities drives a significant piece of the coordinated defense delivered by Microsoft Threat Protection. Within each domain as well as ... continue reading
Video Tutorial: Clients and Applications Behind the Scenes - Application Deployment Part 10

Video Tutorial: Clients and Applications Behind the Scenes – Application Deployment Part 10

Hello everyone, here is part 10 of a series focusing on Application Deployment in Configuration Manager. This series is recorded by @Steve Rachui, a Microsoft principal premier field engineer. These tutorials are from our library and uses Configuration Manager 2012 ... continue reading
Video Tutorial: Clients and Packages Behind the Scenes - Application Deployment Part 9

Video Tutorial: Clients and Packages Behind the Scenes – Application Deployment Part 9

Hello everyone, here is part 9 of a series focusing on Application Deployment in Configuration Manager. This series is recorded by @Steve Rachui, a Microsoft principal premier field engineer. These tutorials are from our library and uses Configuration Manager 2012 ... continue reading
Microsoft Endpoint Manager: Create & Audit an ASR Policy

Microsoft Endpoint Manager: Create & Audit an ASR Policy

IntroductionThis is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating an Attack Surface Reduction (ASR) rule ... continue reading
image002.png

Endpoint Configuration Manager – Site Server High Availability

Overview Endpoint Configuration Manager (Current Branch), supports high availability configurations through various options, which include but are not limited to the following: Any standalone primary site can now have an additional passive mode.* site server Remote content library* SQL Server ... continue reading
Defending Exchange servers under attack

Defending Exchange servers under attack

Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, ... continue reading
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

The increasing pervasiveness of cloud services in today’s work environments, accelerated by a crisis that forced companies around the globe to shift to remote work, is significantly changing how defenders must monitor and protect organizations. Corporate data is spread across ... continue reading