Threat Intelligence

Stop Worrying and Love the Outage, Vol II: DCs, custom ports, and Firewalls/ACLs

This is the first article in a series: Stop Worrying and Love the Outage, Vol I: Group Policy and Sharing Violations; Stop Worrying and Love the Outage, Vol II: DCs, custom ports, and Firewalls/ACLs. Hello, it’s Chris Cartwright from the Directory Services support team again. This is the second entry in a series where I […]

MDTI Earns Impactful Trio of ISO Certificates

We are excited to announce that Microsoft Defender Threat Intelligence (MDTI) has achieved ISO 27001, ISO 27017 and ISO 27018 certifications. The ISO, the International Organization for Standardization, develops market relevant international standards that support innovation and provide solutions to global challenges, including information security requirements around establishing, implementing, and improving an Information Security Management

Announcing Microsoft’s open automation framework to red team generative AI Systems

Today we are releasing an open automation framework, PyRIT (Python Risk Identification Toolkit for generative AI), to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems. At Microsoft, we believe that security practices and generative AI responsibilities need to be a collaborative effort. We are deeply committed to

Get the most out of Microsoft Copilot for Security with good prompt engineering

The process of writing, refining, and optimizing inputs—or “prompts”—to encourage generative AI systems to create specific, high-quality outputs is called prompt engineering. It helps generative AI models organize better responses to a wide range of queries—from the simple to the highly technical. The basic rule is that good prompts equal good results. Prompt engineering is

Navigating NIS2 requirements with Microsoft Security solutions

The Network and Information Security Directive 2 (NIS2) is a continuation and expansion of the previous European Union (EU) cybersecurity directive introduced back in 2016. With NIS2, the EU expands the original baseline of cybersecurity risk management measures and reporting obligations to include more sectors and critical organizations. The purpose of establishing a baseline of

Monitoring Kubernetes Clusters, Image Build Environment and Container Registries with Sentinel

A guide to using Microsoft Sentinel for monitoring the security of your containerized applications and orchestration platforms. Part 1 of a 3-part series about security monitoring of your Kubernetes clusters and CI/CD pipelines, by @singhabhi and @Umesh_Nagdev. Introduction: Microsoft Sentinel is a cloud-native security information and event management (SIEM) platform that provides comprehensive threat detection and response capabilities

Defender for Cloud deployment in AWS/GCP – Agents, Resources, IAM and Cleanup options

Objective of the article: The purpose of this article is to provide organizations with a comprehensive understanding of all the agents and resources deployed as part of Defender for Server, Defender for Container, and Defender for SQL in their AWS/GCP environment by Defender for Cloud. The article aims to guide organizations on the impact of Defender

Manage the latest versions of Azure Stack HCI with SCVMM

Azure Stack HCI is a hybrid cloud solution that lets you run virtualized workloads on-premises with direct access to Azure services. It combines the performance, security, and scalability of hyperconverged infrastructure (HCI) with the flexibility and innovation of Azure. As a datacenter scale customer, to take full advantage of these new capabilities, you need a

Protecting Tier 0 the Modern Way

What should your Tier 0 protection look like? Almost every attack on Active Directory you hear about today – no matter if ransomware is involved or not – (ab)uses credential theft techniques as the key factor for successful compromise. Microsoft’s State of Cybercrime report confirms this statement: “The top finding among ransomware incident response engagements

Protect unmanaged or 3rd party MDM managed iOS/Android devices with MDE

Mobile devices are increasingly targeted by cyberattacks that can compromise your data, privacy, and productivity. To protect your devices from these threats, you need a Mobile Threat Defense (MTD) solution that can detect and respond to malicious activities on your device and network. Microsoft Defender for Endpoint is a unified endpoint security platform that provides
