In the first installment of Securing Microsoft 365 with Graph Activity Logs, Mezba Uddin dives into the essentials of the Microsoft Graph Activity Log, what it does, its importance for visibility, and how to get it running to start seeing it's data.
With Microsoft Power Platform on the rise with over 56 million monthly active users, governance is vital to reduce potential risk. In this first installment of Practical Power Platform, we discuss essential areas Microsoft 365 admins should focus on, including the Power Platform Admin Center, Data Loss Prevention (DLP) policies, tenant isolation, and Microsoft Purview auditing.
Ransomware protection isn’t about a single solution; it’s a layered defense strategy. In this article, we explore a few recommendations that organizations can use to significantly reduce risk and combat ransomware in their tenant.
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.
In this article, Mezba Uddin reviews using Audit Logs and the Graph API to perform six specific investigation actions in Exchange Online to help keep your email environment safe.
Domain controllers are the crown jewels of any Active Directory (AD) deployment. They authenticate every user, enforce every Group Policy Object, and replicate the credentials that keep the business running, making them irresistible to attackers. In this blog, Victor King reviews how to harden your organization against these attacks through ITDR.
Many tenants have inactive guest accounts, and sometimes in large numbers. Microsoft has made it easy to invite guests but harder for guests to voluntarily leave; overall, the lifecycle management process for guest accounts makes it easy to end up with guest ghosts. Finding out whether you’re a guest ghost host is the purpose of this column.
With AiTM phishing attacks on the rise, it is important to have procedures in place to combat future attacks. In this article, we explore three different ways to protect against token theft using Conditional Access.
Microsoft is doing more and more to apply security defaults to our tenants. This is good, but it is still not enough! In this episode of Practical Protection, we dive into a few essential security alerts you should enable in your tenant.
Inactive accounts aren’t glamorous, but they’re a real risk! In this episode of Practical Protection, we dive into the basics of inactive account blocking and share some PowerShell scripts to help automate this process.
In this in episode of Practical Protection, we dive into some recent IT incidents involving applications, and how Intune can be used to block them from your devices.
In this episode of Practical Protection, Paul Robichaux dives into CISA's Microsoft Expanded Cloud Logs Implementation Playbook, its prerequisites, and applying this advice into your organization.
