Authentication

Monitoring Kubernetes Clusters, Image Build Environment and Container Registries with Sentinel

A guide to using Microsoft Sentinel for monitoring the security of your containerized applications and orchestration platforms. Part 1 of 3 part series about security monitoring of your Kubernetes Clusters and CI/CD pipelines by @singhabhi and @Umesh_Nagdev   Introduction  Microsoft Sentinel is a cloud-native security information and event management (SIEM) platform that provides comprehensive threat detection and response capabilities […]

Monitoring Kubernetes Clusters, Image Build Environment and Container Registries with Sentinel Continue Reading

Protecting Tier 0 the Modern Way

How should your Tier 0 Protection look like? Almost every attack on Active Directory you hear about today – no matter if ransomware is involved or not – (ab)uses credential theft techniques as the key factor for successful compromise. Microsoft’s State of Cybercrime report confirms this statement: “The top finding among ransomware incident response engagements

Protecting Tier 0 the Modern Way Continue Reading

Protect unmanaged or 3rd party MDM managed iOS/Android devices with MDE

Mobile devices are increasingly targeted by cyberattacks that can compromise your data, privacy, and productivity. To protect your devices from these threats, you need a Mobile Threat Defense (MTD) solution that can detect and respond to malicious activities on your device and network. Microsoft Defender for Endpoint is a unified endpoint security platform that provides

Protect unmanaged or 3rd party MDM managed iOS/Android devices with MDE Continue Reading

Cyber Signals: Navigating cyberthreats and strengthening defenses in the era of AI

The world of cybersecurity is undergoing a massive transformation. AI is at the forefront of this change, and has the potential to empower organizations to defeat cyberattacks at machine speed, address the cyber talent shortage, and drive  innovation and efficiency in cybersecurity. However, adversaries can use AI as part of their exploits, and it’s never

Cyber Signals: Navigating cyberthreats and strengthening defenses in the era of AI Continue Reading

Staying ahead of threat actors in the age of AI

Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of AI. Defenders are only beginning to recognize and apply the power of generative AI to shift the cybersecurity balance in their favor and keep ahead of adversaries. At the same time, it is also important

Staying ahead of threat actors in the age of AI Continue Reading

Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team

Organizations everywhere are on a lightning-fast learning trajectory to understand the potential of generative AI and its implications for their security, their workforce, and the industry at large. AI is quickly becoming a force multiplier—presenting significant opportunities for security teams to increase productivity, save time, upskill resources, and more. News and information about “the age

Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team Continue Reading

Firewall considerations for gMSA on Azure Kubernetes Service

This week I spent some time helping a customer with a gMSA environment on which they were finding some issues in deploying their app. The issues started when they were trying to figure out why the Kerberos ticket was not being issues for the Window pod with gMSA configured in AKS. I decided to write

Firewall considerations for gMSA on Azure Kubernetes Service Continue Reading

Auto Rollout of Conditional Access Policies in Microsoft Entra ID

In November 2023 at Microsoft Ignite, we announced Microsoft-managed policies and the auto-rollout of multifactor authentication (MFA)-related Conditional Access policies in customer tenants. Since then, we’ve rolled out report-only policies for over 500,000 tenants. These policies are part of our Secure Future Initiative, which includes key engineering advances to improve security for customers against cyberthreats that we

Auto Rollout of Conditional Access Policies in Microsoft Entra ID Continue Reading

Microsoft Entra Verified ID introduces Face Check in preview

Today, I’m thrilled to announce the expansion of Microsoft Entra Verified ID to include Face Check—a privacy-respecting facial matching feature for high-assurance verifications, which is now in preview. Watch the video to learn more and read on for how you can get started today. Try Face Check for yourself. Verified ID: Verify once, use everywhere In

Microsoft Entra Verified ID introduces Face Check in preview Continue Reading

3 new ways the Microsoft Intune Suite offers security, simplification, and savings

Today, we are taking a significant step in completing the delivery of functionality we promised when we first unveiled the vision for the Microsoft Intune Suite.1 We are launching three new solutions: Microsoft Intune Enterprise Application Management, Microsoft Intune Advanced Analytics, and Microsoft Cloud PKI. With these additions, the Intune Suite now goes beyond unified

3 new ways the Microsoft Intune Suite offers security, simplification, and savings Continue Reading