Detecting Midnight Blizzard using Microsoft Sentinel
This blog reviews the Midnight Blizzard Attack, providing some hypothetical scenarios of what actually happened and how it could've been prevented.
With the end of the year in sight, we wanted to look back and see how Microsoft performed with security products in 2023, reviewing some of Microsoft’s biggest announcements and discussing if Microsoft's focus is leaning in the right direction.
In this blog, Thijs Lecomte reviews the new Web Sign-in feature for Windows 11 and its specific use cases.
Most think that the safe senders list does not override the anti-spam policies configured in Exchange Online, but the opposite is true. In this blog, we discuss how this happens and how to fix it with PowerShell.
In this article, Thijs Lecomte discusses how to identify malicious emails using Microsoft Defender for Office 365.
The announcement of Microsoft's Security Service Edge (SSE) Products has gained a lot of buzz in the space. In this blog, Thijs Lecomte breaks down these products and how well the market accepts Microsoft’s SSE initiative.
Over the past few years, Microsoft has proven to have a worthy security product in Microsoft Defender for Endpoint (MDE) for Windows devices. While most talk about Windows when discussing Microsoft Defender, it also supports macOS, Linux, Android, and iOS. The question arises whether MDE is a mature product for these platforms and if you can trust Microsoft to protect devices running these operating systems.
Microsoft recently announced two new products to the Entra family, Entra Private Access and Entra Internet Access. In this blog, we break down each product and help you decide if they are worth the hype.
While some methods for MFA responses have security issues, people often overlook their practical advantages. Not everyone is ready to dump a valid authentication method. In this article, we take the journey to removing phone-based responses from your tenant while considering some practical implications.
At the end of March 2023, CISA released a new tool called ‘Untitled Goose.’ It is a post-incident hunting tool to help security practitioners sift through security logs in the Microsoft Cloud. In this blog, we discuss the tool, its uses, and our opinion on it.
Are you looking to add some extra security to your small organization? Microsoft Defender for Business may be the right fit. Learn more about the capabilities of Microsoft Defender for Business and how it compares to other Microsoft Defender Plans.
As organizations move to the cloud, on-premises environments (and their security) are put in the background as the focus shifts to the cloud. Nevertheless, most organizations I know are in a hybrid scenario where the on-premises environment holds the master data and synchronizes everything into Azure Active Directory. This blog explores how an on-premises environment is connected to the cloud and how an attacker might move from on-premises to the cloud laterally.