Microsoft 365 Security

Everything about Microsoft Security

M365 Advanced Hunting

How to hunt for LDAP reconnaissance within M365 Defender?

May 22, 2021

Lightweight Directory Access Protocol (LDAP) is one of the core protocols used for directory services. The primary function of LDAP is to enable folks to

Start having visibility in service accounts with Defender for Identity

March 27, 2021

Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

July 5, 2021

Today we are going to talk about our good old friend or better known as Windows Defender AV. Not to confuse with the EDR solution

How to deploy Sysmon and MMA Agent to receive logs in Azure Sentinel?

May 17, 2021

Incident Response Series: Reviewing data in Azure AD for investigation

March 16, 2021

Incident Response Series: Collecting and analyzing logs in Azure AD

March 8, 2021

POPULAR THIS WEEK

  • Analyzing network packets with Wireshark - AD and User Enumeration
  • Incident Response in a Microsoft cloud environment
  • What I have learned from doing a year of Cloud Forensics in Azure AD
  • Practical Compromise Recovery Guidance for Active Directory
  • Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

Recent Posts

  • Analyzing network packets with Wireshark – AD and User Enumeration
  • Lateral Movement with Managed Identities of Azure Virtual Machines
  • Azure IaaS: Managing Azure Virtual Machines
  • Kerberoast with OpSec
  • Revisiting Constrained Delegation
