Practical Protection: Getting Started with Graph Threat Hunting
In this episode of Practical Protection, we dive into the basics of Threat Hunting, tools you can use, and even some DIY hunting advice.
In this episode, Steve Goodman and Bastiaan Verdonk interview Victor King from Quest Software on best practices for Active Directory security. They discuss identifying misconfigurations, managing privileged access, and continuous environmental monitoring.
In the first installment of Securing Microsoft 365 with Graph Activity Logs, Mezba Uddin dives into the essentials of the Microsoft Graph Activity Log: what it does, its importance for visibility, and how to get it running to start seeing its data.
A reader wants to remove all calendar items over a certain age. Compliance purge actions seem like a good way to do this, but there's a problem that needs to be fixed. eDiscovery purges can do the job, but only if you have eDiscovery Premium. And then there are Graph APIs to consider. All in all, many ways exist to purge calendar items.
Everyone learns from experience. This article covers five important building blocks for writing great Graph PowerShell scripts, the product of hard-won experience and many mistakes. Filtering, properties, permissions, and pagination all make the list.
PowerShell scripting becomes far more powerful when you master collections like arrays and hash tables. In this article, we review the basics of standard collection types. Then we walk through additional useful options that leverage other object types available through the .NET Framework.
This article explains how to scope groups administration using apps and restricted administration units to make sure that only certain administrators can manage certain groups programmatically. Although this is probably not something that is needed for some tenants, it's a technique that could be used in many situations.
Calendar events make up user and group calendars. It's possible to create, update, cancel, and remove calendar appointments and meetings, including recurring events, through the Graph API. This article explains how to pass all the properties needed to create and manage events using PowerShell and the Graph APIs.
In this installment of Practical Protection, we look at Microsoft’s new OneDrive feature that prompts users to sync personal accounts on managed devices. While intended to reduce shadow IT, it risks exposing corporate data. With no option for admins to opt-out, we provide some advice on what you should do to prepare.
With Microsoft Power Platform on the rise with over 56 million monthly active users, governance is vital to reduce potential risk. In this first installment of Practical Power Platform, we discuss essential areas Microsoft 365 admins should focus on, including the Power Platform Admin Center, Data Loss Prevention (DLP) policies, tenant isolation, and Microsoft Purview auditing.
Microsoft Sentinel is based on the Azure stack and thus billed as part of your Azure consumption. It is important to be wary of the monthly cost as it can quickly expand if it is not being watched carefully. In this blog, we provide practical advice on how to manage and optimize your costs in Sentinel.
In this episode, Steve and Paul dissect Microsoft's latest financial report, explore the evolving landscape of Viva Engage, and discuss the rise of Copilot agents. Plus, former Maersk CTO Adam Banks joins to share insights on cybersecurity leadership and the mindset shifts needed in IT.