
Incident Response Foundations – Identity

In today’s post I talk about responding to a compromised identity in Microsoft Entra ID. There is a lot of advice floating around on what to do and how to respond; I’m bringing experiences and existing guidelines together to provide a solid foundational starting point for identity-based incident response in this post.

Posted on 7:12 am

Strengthening Cybersecurity: Protecting Against 99% of Attacks

In the ever-evolving landscape of cybersecurity, one undeniable truth stands out—implementing fundamental security hygiene practices can thwart the vast majority of cyberattacks. By adhering to these minimum-security standards, it is possible to protect against over 99 percent of attacks. In this article, we’ll delve into these essential practices and explore how they can fortify your defenses.

Continuing the theme of exploring highlights from the Microsoft Digital Defense Report #MDDR 2023, today we walk through the top 5 security fundamentals to better enhance all organizations' digital defenses.

Posted on 2:20 pm
Microsoft Authenticator Policies

Modernize your Microsoft Authenticator Policies

Getting ready to move into Azure Active Directory or make changes to your Microsoft Entra configurations? The last few weeks I’ve talked about MFA and conditional access rules, so this week we will look at the preview for Microsoft Authenticator Policies, then change gears and talk about how to get our users excited about these security enhancements.

Posted on 7:15 am
Authentication and Security

Ready to modernize your MFA?

Just using MFA in its basic form is not enough. Today, we take a trip through modern authentication methods, modernizing, and becoming more phish-resistant. I talk about the top 3 challenges and how to tackle them together!

Posted on 7:10 am

Where to find Incident Investigation Artifacts in M365

A common challenge that security teams face is simply not knowing where all the artifacts can be found during an investigation. Microsoft Defender tools are capable of collecting a lot of data, and that can raise questions during investigations: where is all this data, and how do I find it quickly? Join me for a tour of the basics of Defender data retention periods and where to find that data.

Posted on 7:00 am

Evaluate Microsoft Defender for Endpoint – Part 3

In this third article in our mini-series on setting up a Microsoft Defender for Endpoint labs environment, we will be getting things running this week by adding devices and deploying simulations into the labs environment. This will effectively be like sending viruses out to our devices inside the labs simulator! Let’s do what we always do... dive right in!

Posted on 6:59 am