Category: Security

Monitoring
0
Microsoft 365

M365 Operating Guide for Sec Ops Teams – Use with Microsoft Sentinel

When building out a SOC team, many organizations quickly realize that there are very few silos left in IT when it comes to cloud. Our SOC members need to have cloud platform skills, M365, Exchange, Active Directory, Azure Active Directory, Windows Server, REHL, and so many more skills. To say this a different way; our cloud landscape is flat, and we need members that have a wide band of skills with some specialties mixed in. This is complex to say the least, and with labour challenges in our post-covid world, we need ways to upskill our teams and build out operations manuals and tasks to support those teams.

Posted on 7:30 am
Security
0
Data Storage

The Mysteries of Log Analytics Workspaces

Log Analytics workspaces provide a special way to store log data from multiple sources such as Microsoft Defender for Cloud, Azure Monitor, and so much more. A workspace typically combines data from multiple services and likely has it’s own distinct configuration for retention. I get a lot of questions about what the differences between workspaces within the Log Analytics scope are and why we would use them. Let’s take a look today at some of the information around Microsoft Azure Log Analytics Workspaces.

Posted on 8:56 pm
Application Gateway
0
security vulnerability

Log4j Vulnerability Summary

Log4J is a widely used Java library for logging error messages in applications. It is used in enterprise software applications, both custom and packaged, and forms part of many cloud computing platforms and services. I’ve summarized the threat and mitigation suggestions as well as a number of external resources that may save you some time in putting together your security change requests.

Posted on 11:20 am
Azure Active Directory
0
Microsoft Defender for Endpoint

Evaluate Microsoft Defender for Endpoint – Part 3

n this third article in our mini-series on setting up a Microsoft Defender for Endpoint labs environment we will be getting things running this week by adding devices and deploying simulations into the labs environment. This will effectively be like sending viruses out to our devices inside the labs simulator! Let’s do what we always do….dive right in!

Posted on 6:59 am
Automation
0
AzureTracks Azure News Update

Azure Updates – Number 6 – March 13, 2021

A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Save time digging around to find recent releases and changes. Released March 13th. Great updates and sunny days on the way!

Posted on 9:18 am