I am a seasoned Security Engineer with several years of experience, primarily in the healthcare industry.
Cybersecurity

Azure Sentinel: Use Cloud SIEM for Advanced Threat Detection

Azure Sentinel simplifies security operations with intelligent security analytics and scales as you grow. It modernizes your security operations center (SOC) by uncovering sophisticated threats and responding with a comprehensive SIEM solution for proactive threat detection, investigation, and response. With Microsoft continually investing in its security […]

Microsoft Exchange

Recent Cyber Threats Targeting Microsoft Exchange Server

Microsoft Exchange servers remain a prime focus for threat actors, as evidenced by the sustained targeting they endure. Despite the migration of some businesses to cloud services like O365, on-premises Exchange continues to have a large presence amongst publicly exposed services. Unlike standard web applications, Exchange requires a […]

Office 365

SharePoint Online Security Best Practices

Efficient collaboration and secure data sharing form the backbone of enterprise success. A common tool for this is SharePoint. Whilst some opt to host SharePoint within their boundary walls, most have migrated over to the online version to utilize Microsoft’s cloud capabilities. In doing so, Microsoft takes the majority of responsibilities […]

Azure AD

The Role of Machine Learning in Azure AD User Monitoring

In our rapidly evolving digital landscape, the traditional concept of an “endpoint” has transcended its old definition of merely being a user’s device. With the widespread integration of cloud-based identity providers, user directories are no longer confined within the secure boundaries of network perimeters. This […]

Azure AD Cybersecurity

Azure Threat Detection & Response: How to Detect & Respond

The cloud movement greatly changed the attack surface. Organizations find that detection and alerting are not that straightforward. In the past, perimeter security was simple. But with the cloud, your security operations team needs visibility into identities, devices, networks, applications, data… the list goes on. […]

Azure AD

Real-time Monitoring with Azure AD Auditing: SIEM/ Analytics Tools

Enabling Entra ID (Azure AD) logging is crucial for securing your identities. Doing only that, however, won't improve your incident response. Companies should instead look to ingest these logs into their current security operations center (SOC) model. In most cases, this means feeding the logs into their […]