Many tenants have inactive guest accounts, and sometimes in large numbers. Microsoft has made it easy to invite guests but harder for guests to voluntarily leave; overall, the lifecycle management process for guest accounts makes it easy to end up with guest ghosts. Finding out whether you’re a guest ghost host is the purpose of this column.
With AiTM phishing attacks on the rise, it is important to have procedures in place to combat future attacks. In this article, we explore three different ways to protect against token theft using Conditional Access.
Microsoft is doing more and more to apply security defaults to our tenants. This is good, but it is still not enough! In this episode of Practical Protection, we dive into a few essential security alerts you should enable in your tenant.
Inactive accounts aren’t glamorous, but they’re a real risk! In this episode of Practical Protection, we dive into the basics of inactive account blocking and share some PowerShell scripts to help automate this process.
In this in episode of Practical Protection, we dive into some recent IT incidents involving applications, and how Intune can be used to block them from your devices.
In this episode of Practical Protection, Paul Robichaux dives into CISA's Microsoft Expanded Cloud Logs Implementation Playbook, its prerequisites, and applying this advice into your organization.
Securing applications in an Entra tenant is crucial, especially after recent attacks like Midnight Blizzard. This article reviews how to use PowerShell to help identify privileged applications, their permissions, as well as client Secrets.
In this installment of practical protection, we dive into two kinds of crimes, and how you can practically apply that knowledge to securing your network and services within your organization.
In this episode of Practical Sentinel, we dive into the MITRE ATT&CK framework and how to integrate it within your environment through Microsoft Sentinel & Defender XDR.
With 2025 in full swing, it's time to do some reflecting! In this episode of practical protection, we look back at the major Microsoft security events in 2024 and how you can prepare yourself for what's to come in 2025.
This episode of Practical Protection dives into connected experiences, what they are, and debunks some claims that were made regarding AI models using customer data via Connected Experiences.
In this episode of Practical Sentinel, we explain how to use Microsoft Sentinel’s SOAR capabilities to build automation on top of networking data through enrichments, automated actions, and threat intelligence integrations.
