How to Use Microsoft 365 Defender and Sentinel to Defend Against Zero Day Threats: Part I
This article discusses the four main steps to mitigate a zero-day threat using Microsoft 365 Defender and Sentinel.
Kusto Query Language, or KQL for short, is omnipresent in the Microsoft world and is used in different product stacks. Like any language, KQL can be challenging to understand, and it can be hard to know where to start. This article is intended to help newcomers get started.
When you deploy Microsoft Sentinel, one of the most important design decisions is determining the appropriate data retention period.
Earlier this month, Microsoft announced two new products in the Microsoft cloud security stack. Both products were acquired from reputable tech companies in the space.
Managing inactive devices is a confusing concept for an administrator just starting with Microsoft Defender for Endpoint. This article will provide key insights on how organizations can handle inactive devices within Microsoft Defender for Endpoint.
Microsoft Defender for Endpoint is not a product you roll out and forget. To get the most out of this tool on a day-to-day basis, we walk through some actions administrators should be doing to keep current with the product.
Security Defaults is a control in Azure Active Directory which has been around since 2019 and is enabled by default on new tenants created after October 2019. Microsoft recently announced they will now start turning on Azure AD security defaults for existing tenants. Throughout this blog we will explore what this means and if Security Defaults is the right fit for your organization.
Microsoft Information Protection generates a lot of information for administrators to monitor and digest, and spotting anomalies in all of it is difficult. Thijs Lecomte explores how and why you may want to use Microsoft Sentinel to ingest and analyze this data instead.
Identity Governance within Azure Active Directory Premium Plan 2 can help administrators bring balance to identity controls and streamline sign-in. In this article, I describe what's in Identity Governance and how those features can assist with identity management.
Continuous access evaluation (CAE) is a feature that flew under the radar over the past two years. Even so, CAE for Azure Active Directory is an extremely important feature that will not only increase the security posture of your environment but reduce the amount of time before a user loses access to resources when certain critical events happen. This article discusses the need for the feature and how to work with it.
Over the years, the Microsoft security stack has become very feature rich and offers many ways to customize the configuration. Third-party products are available with similar features, but lack the integration capability of the Microsoft stack. In the second part of the "Ten Ways to Harden the Security of Your Microsoft 365 Tenant" series, we look at five ways to secure your environment using controls that require a premium license such as Office E5 or Azure AD Premium.
If there's one topic all administrators can agree on, it's that security is something every organization should work to improve in 2022. In this two-part article series, we explain ten different ways to improve tenant security that every administrator should consider. The first part reviews five ways to harden tenant security without the need for extra licenses, using controls that every organization can implement.