Category: Defender

Section 4 – Mitigate identity threats part 2 of 2

Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…

Continue Reading Section 4 – Mitigate identity threats part 2 of 2

Section 3 – Mitigate endpoint threats by using Microsoft Defender for Endpoint

Welcome to the third section of my SC-200 study guide. First the ones that I didn’t have time to include in the last section but will cover them in different order as in my opinion it makes more sense: And…

Continue Reading Section 3 – Mitigate endpoint threats by using Microsoft Defender for Endpoint

Microsoft 365 Defender role-based access control

The new Microsoft 365 Defender RBAC model makes it simple to migrate existing permissions from the individual supported RBAC models to the new RBAC model. All permissions listed within the Microsoft 365 Defender RBAC model align to permissions in the…

Continue Reading Microsoft 365 Defender role-based access control

Azure AD Access reviews and the power of Machine learning

The above pic is AI based illustration for Access reviews and AI, it sure looks like it. It uses the same theme than many others but still it’s unique. AI has been in the news after OpenAI has created some…

Continue Reading Azure AD Access reviews and the power of Machine learning

SQL Server 2022 and Azure ARC with Azure subscription model

SQL 2022 has arrived and in this post I will try out the new setup that should have Azure ARC install embedded. Why to use Azure ARC with SQL 2022? One reason could be security, you will get these features…

Continue Reading SQL Server 2022 and Azure ARC with Azure subscription model

Do’s and don’ts concerning security for Identity part 7

Once again, more best practices for Identity. In the last part I covered how we can protect your applications from leaking content. Keep your Identities secure and how to keep using MFA after on-premises MFA Server will not work anymore….

Continue Reading Do’s and don’ts concerning security for Identity part 7

Microsoft Defender for Office 365 Detection Details Report

If you want to learn more on from your email security, you could use this template to get and holistic view of what’s going on inside your environment. See here the announcement of the report. Why it matters? You have…

Continue Reading Microsoft Defender for Office 365 Detection Details Report

Do’s and don’ts concerning security for Identity part 2

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. If you still need (haven’t convinced you otherwise) federation services in on-premises, use should use Defender for Identity sensors for ADFS What it needs? ADFS…

Continue Reading Do’s and don’ts concerning security for Identity part 2

Defender for Cloud security alerts

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts