Maximizing security with Microsoft Defender for Identity
Microsoft Defender for Identity Posture Recommendations
Detecting and mitigating Active Directory compromises: a comprehensive guide
Active Directory (AD) is the backbone of identity and access management for most enterprises, making it a prime…
Microsoft deprecates NTLM and why this is an important step
Microsoft deprecates NTLM (New Technology LAN Manager) and recommends transitioning to Kerberos as the primary authentication protocol. Kerberos…
SOC Optimization in Microsoft Sentinel
Microsoft Sentinel is a next-generation cloud-native Security Information and Event Management (SIEM) solution, enriched by AI and threat…
Microsoft Unified Security Operations Platform
In today’s complex threat landscape, security teams face an uphill battle. They grapple with vast amounts of data…
Microsoft Security Exposure Management
Microsoft unveiled its Security Exposure Management on March 13, 2024. The solution was developed in response to increasing…
Protecting against QR Code Phishing (Quishing)
As part of our SOC team, we’ve witnessed a significant surge in QR Code Phishing incidents over the…
AiTM / MFA phishing attacks with Evilginx3 and Gophish
I’ve been a user of Evilginx for quite a few years. It’s an awesome tool, very impressive in…
SPF, DKIM and DMARC
As of Feb. 1, 2024, Google has announced that they are going to make some changes to their…
Monitoring admin roles in LogAnalytics
When it gets to know your environment, I always want to know who added admin roles to a…