Category: Defender

Section 4 – Mitigate identity threats part 2 of 2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/03/2023 0 Comments on Section 4 – Mitigate identity threats part 2 of 2
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Certificates, Conditional access, Cross-tenant, Defender, Entra, Hybrid, Identity, On-premises, SC-200, Security, Zero trust

Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…

Continue Reading Section 4 – Mitigate identity threats part 2 of 2

Section 3 – Mitigate endpoint threats by using Microsoft Defender for Endpoint

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 19/02/2023 0 Comments on Section 3 – Mitigate endpoint threats by using Microsoft Defender for Endpoint
Posted in Azure, Defender, Identity, Intune, SC-200, Security, Study guide

Welcome to the third section of my SC-200 study guide. First the ones that I didn’t have time to include in the last section but will cover them in different order as in my opinion it makes more sense: And…

Continue Reading Section 3 – Mitigate endpoint threats by using Microsoft Defender for Endpoint

Section 1 – Mitigate threats using Microsoft 365 Defender – Mitigate threats to the productivity environment by using Microsoft 365 Defender

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/02/2023 0 Comments on Section 1 – Mitigate threats using Microsoft 365 Defender – Mitigate threats to the productivity environment by using Microsoft 365 Defender
Posted in Azure, Certifications, Defender, SC-200, Security

Welcome to the first part of my SC-200 study guide. In this section I will go through the following content: What benefits you get from Defender for Office 365? How to try out Defender? As an existing Microsoft 365 customer,…

Continue Reading Section 1 – Mitigate threats using Microsoft 365 Defender – Mitigate threats to the productivity environment by using Microsoft 365 Defender

Microsoft 365 Defender role-based access control

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 29/01/2023 0 Comments on Microsoft 365 Defender role-based access control
Posted in Azure, Azure AD, Compliance, Defender, IAM, Microsoft 365, Security

The new Microsoft 365 Defender RBAC model makes it simple to migrate existing permissions from the individual supported RBAC models to the new RBAC model. All permissions listed within the Microsoft 365 Defender RBAC model align to permissions in the…

Continue Reading Microsoft 365 Defender role-based access control

Azure AD Access reviews and the power of Machine learning

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 11/12/2022 0 Comments on Azure AD Access reviews and the power of Machine learning
Posted in Access Reviews, Azure, Azure AD, Defender, Entra, IAM, Identity, Security

The above pic is AI based illustration for Access reviews and AI, it sure looks like it. It uses the same theme than many others but still it’s unique. AI has been in the news after OpenAI has created some…

Continue Reading Azure AD Access reviews and the power of Machine learning

SQL Server 2022 and Azure ARC with Azure subscription model

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/11/2022 0 Comments on SQL Server 2022 and Azure ARC with Azure subscription model
Posted in Azure, Azure AD, Azure ARC, Compliance, Defender, IAM, Identity, Identity Platform, Microsoft Purview, On-premises, Powershell, Security, SQL

SQL 2022 has arrived and in this post I will try out the new setup that should have Azure ARC install embedded. Why to use Azure ARC with SQL 2022? One reason could be security, you will get these features…

Continue Reading SQL Server 2022 and Azure ARC with Azure subscription model

Do’s and don’ts concerning security for Identity part 7

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 7
Posted in Authentication methods, Azure, Conditional access, Defender, Identity, Identity Platform, Microsoft Graph, Security

Once again, more best practices for Identity. In the last part I covered how we can protect your applications from leaking content. Keep your Identities secure and how to keep using MFA after on-premises MFA Server will not work anymore….

Continue Reading Do’s and don’ts concerning security for Identity part 7

Microsoft Defender for Office 365 Detection Details Report

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 14/11/2022 0 Comments on Microsoft Defender for Office 365 Detection Details Report
Posted in Azure, Defender, Identity, Microsoft Sentinel, Power BI, Security

If you want to learn more on from your email security, you could use this template to get and holistic view of what’s going on inside your environment. See here the announcement of the report. Why it matters? You have…

Continue Reading Microsoft Defender for Office 365 Detection Details Report

Do’s and don’ts concerning security for Identity part 2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/10/2022 0 Comments on Do’s and don’ts concerning security for Identity part 2
Posted in AAD Connect, Active Directory, Azure, Azure AD, Defender, Hybrid, Identity, Security

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. If you still need (haven’t convinced you otherwise) federation services in on-premises, use should use Defender for Identity sensors for ADFS What it needs? ADFS…

Continue Reading Do’s and don’ts concerning security for Identity part 2

Defender for Cloud security alerts

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 30/09/2022 0 Comments on Defender for Cloud security alerts
Posted in Azure, Defender, Hybrid, Identity, KQL, Security

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts