Practical Protection: Getting Started with Graph Threat Hunting
In this episode of Practical Protection, we dive into the basics of Threat Hunting, tools you can use, and even some DIY hunting advice.
June 17, 2025
Latest Articles
Practical Protection: Controlling OneDrive Personal Sync
In this installment of Practical Protection, we look at Microsoft’s new OneDrive feature that prompts users to sync personal accounts on managed devices. While intended to reduce shadow IT, it risks exposing corporate data. With no option for admins to opt-out, we provide some advice on what you should do to prepare.
May 28, 2025
Practical Protection: Protecting Your Tenant by Restricting Applications
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.
May 6, 2025
Practical AI: Managing My Travel Calendar with PowerShell
AI is supposed to make our lives easier, so how about writing some PowerShell to block out timeslots in a travek calendar when the calendar's owner is on the move? Eventually AI gets the task done, but it needed some coaching and firm instruction along the way.
April 14, 2025
Practical Protection: Auditing Guest Access in your Microsoft 365 Tenant
Many tenants have inactive guest accounts, and sometimes in large numbers. Microsoft has made it easy to invite guests but harder for guests to voluntarily leave; overall, the lifecycle management process for guest accounts makes it easy to end up with guest ghosts. Finding out whether you’re a guest ghost host is the purpose of this column.
April 7, 2025
Practical Protection: Three Essential Security Alerts You Should Enable
Microsoft is doing more and more to apply security defaults to our tenants. This is good, but it is still not enough! In this episode of Practical Protection, we dive into a few essential security alerts you should enable in your tenant.
March 19, 2025
Practical Protection: Automating Inactive Account Blocking with PowerShell
Inactive accounts aren’t glamorous, but they’re a real risk! In this episode of Practical Protection, we dive into the basics of inactive account blocking and share some PowerShell scripts to help automate this process.
March 6, 2025
Practical Protection: Banning Apps with Intune
In this in episode of Practical Protection, we dive into some recent IT incidents involving applications, and how Intune can be used to block them from your devices.
February 24, 2025
Practical Protection: Logging – What the Feds Say You’re Doing Wrong
In this episode of Practical Protection, Paul Robichaux dives into CISA's Microsoft Expanded Cloud Logs Implementation Playbook, its prerequisites, and applying this advice into your organization.
February 5, 2025
Practical Protection: Two Kinds of Bad
In this installment of practical protection, we dive into two kinds of crimes, and how you can practically apply that knowledge to securing your network and services within your organization.
January 15, 2025
Practical Protection: Heading Into 2025
With 2025 in full swing, it's time to do some reflecting! In this episode of practical protection, we look back at the major Microsoft security events in 2024 and how you can prepare yourself for what's to come in 2025.
January 6, 2025
Practical Protection: The Great “Connected Experiences” Panic of 2024
This episode of Practical Protection dives into connected experiences, what they are, and debunks some claims that were made regarding AI models using customer data via Connected Experiences.
December 11, 2024
- 1
- 2
- 3
- 4
- …
- 8
- Go to the next page