Microsoft 365 Security

Everything about Microsoft Security

M365 Advanced Hunting

How to hunt for LDAP reconnaissance within M365 Defender?

May 22, 2021 Leave a comment

Lightweight Directory Access Protocol (LDAP) is one of the core protocols used for directory services. The primary function of LDAP is to enable folks to

Start having visibility in service accounts with defender for identity

March 27, 2021 Leave a comment

Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

July 5, 2021 Leave a comment

Today we are going to talk about our good old friend or better known as Windows Defender AV. Not to confuse with the EDR solution

How to deploy Sysmon and MMA Agent to receive logs in Azure Sentinel?

May 17, 2021 Leave a comment

Incident Response Series: Reviewing data in Azure AD for investigation

March 16, 2021 Leave a comment

Incident Response Series: Collecting and analyzing logs in azure ad

March 8, 2021 One comment

M365 Advanced Hunting

How to hunt for LDAP reconnaissance within M365 Defender?

May 22, 2021 Leave a comment

Lightweight Directory Access Protocol (LDAP) is one of the core protocols used for directory services. The primary function of LDAP is to enable folks to

Start having visibility in service accounts with defender for identity

March 27, 2021 Leave a comment

Search for:

Buy Me A Coffee

POPULAR THIS WEEK

Incident Response in a Microsoft cloud environment
Credential Access and lateral movement: What can attackers do with the stolen credentials?
What I have learned from doing a year of Cloud Forensics in Azure AD
Using Microsoft Defender for Endpoint during investigation
Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

Contact

Twitter
LinkedIn