Microsoft 365 Security

Everything about Microsoft Security

M365 Advanced Hunting

How to hunt for LDAP reconnaissance within M365 Defender?

May 22, 2021 Leave a comment

Lightweight Directory Access Protocol (LDAP) is one of the core protocols used for directory services. The primary function of LDAP is to enable folks to

Start having visibility in service accounts with defender for identity

March 27, 2021 Leave a comment

Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

July 5, 2021 Leave a comment

Today we are going to talk about our good old friend or better known as Windows Defender AV. Not to confuse with the EDR solution

How to deploy Sysmon and MMA Agent to receive logs in Azure Sentinel?

May 17, 2021 Leave a comment

Incident Response Series: Reviewing data in Azure AD for investigation

March 16, 2021 Leave a comment

Incident Response Series: Collecting and analyzing logs in azure ad

March 8, 2021 One comment

M365 Advanced Hunting

How to hunt for LDAP reconnaissance within M365 Defender?

May 22, 2021 Leave a comment

Lightweight Directory Access Protocol (LDAP) is one of the core protocols used for directory services. The primary function of LDAP is to enable folks to

Start having visibility in service accounts with defender for identity

March 27, 2021 Leave a comment

Search for:

Buy Me A Coffee

POPULAR THIS WEEK

Analyzing network packets with Wireshark - AD and User Enumeration
Incident Response in a Microsoft cloud environment
What I have learned from doing a year of Cloud Forensics in Azure AD
Practical Compromise Recovery Guidance for Active Directory
Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

Contact

Twitter
LinkedIn