Recent Posts

Graph activity logs is now generally available

What you do with it? Privileges To access the Microsoft Graph activity logs, you need the following privileges. What information is available? Column Type Description AadTenantId string The Azure AD tenant ID. ApiVersion string The API version of the event….

Continue Reading Graph activity logs is now generally available

Defender for Office 365 and QR-code phishing

There is no way to tell with an human eye what those QR codes are, even in the picture above, there are two than can be read with your phone and no they are not malicious, try it for yourself….

Continue Reading Defender for Office 365 and QR-code phishing

Section 12 – Plan and manage eDiscovery and Content search

Choose between eDiscovery (Standard) and eDiscovery (Premium) based on an organization’s requirements Feature Content Search eDiscovery (Standard) eDiscovery (Premium) Search Capabilities Basic Basic Basic Export Results Yes Yes Yes Permissions Role-based N/A N/A Legal Features – Yes Yes Case Management…

Continue Reading Section 12 – Plan and manage eDiscovery and Content search

Copilot for Security: Your AI Partner 🤖

What is Copilot for Security? Microsoft Copilot for Security shatters traditional security software limitations. It leverages cutting-edge large language models (LLMs) from Open AI, along with vast security data and threat intelligence (encompassing a staggering 78 trillion daily security signals),…

Continue Reading Copilot for Security: Your AI Partner 🤖

Unify SIEM and XDR for Enhanced Threat Detection

Now when you open Defender portal (https://security.microsoft.com) you will see the above displayed, this feature is now in Public preview and let’s how the process works. Defender XDR and Sentinel: Working Together This table summarizes the key functionalities and considerations…

Continue Reading Unify SIEM and XDR for Enhanced Threat Detection

How many Conditional Access policies you can create?

Is there a reason for this article? There is always a reason to write on Conditional Access but for this specific topic, decided to write when I got results from a Poll I created out of the blue, asking the…

Continue Reading How many Conditional Access policies you can create?

SCIMming with PIM for Groups

The process of creating Groups for PIM is super easy. Let’s go through it. History Before you had to assign roles to a particular user and they raised their permissions. Then you added the same role to another person and…

Continue Reading SCIMming with PIM for Groups

Section 13 – Manage and analyze audit logs and reports in Microsoft Purview

Choose between Audit (Standard) and Audit (Premium) based on an organization’s requirements Standard vs. Premium Audit Features Capability Audit (Standard) Audit (Premium) Enabled by default Thousands of searchable audit events Audit search tool in the compliance portal Search-UnifiedAuditLog cmdlet Export…

Continue Reading Section 13 – Manage and analyze audit logs and reports in Microsoft Purview

Deep dive on Copilots and Security

Microsoft Copilots Microsoft Copilot isn’t a single service, but rather a suite of AI-powered assistants designed to enhance productivity and security across various Microsoft products and services. Here’s a breakdown of the different Copilots available: Security Copilot architecture, I could…

Continue Reading Deep dive on Copilots and Security

In-browser protection with Microsoft Edge for Business (Preview)

What is Microsoft Edge for Business? It’s a web browser designed specifically for organizations. It builds upon the standard Microsoft Edge browser, adding features that benefit both IT professionals and regular users. Here are some key capabilities of Microsoft Edge…

Continue Reading In-browser protection with Microsoft Edge for Business (Preview)