Browsing Category

Security

18 posts

Modern cybersecurity is no longer about isolated controls or single products. Effective security requires continuous visibility, detection across domains, and the ability to understand how individual signals relate to real attack paths. This category focuses on modern security architecture, with a strong emphasis on detection, exposure reduction, and operational security.

The articles in this category cover real-world security scenarios using Microsoft’s security ecosystem, including Defender XDR, Exposure Management, and identity-driven detection. Rather than theoretical models, the focus is on how attacks actually unfold, how signals are generated, and how security teams can respond effectively.

You will find deep dives into topics such as attack surface exposure, cross-domain correlation, incident investigation, and the operational realities of running a SOC. Many articles connect technical configurations directly to risk reduction, governance, and long-term security strategy.

This category is intended for security professionals who want to move beyond checkbox security and understand why controls matter, how they interact, and where visibility gaps typically exist. It also serves as a foundation for more specialized categories such as Defender XDR, Sentinel, Identity, and Compliance.

Automatic Attack Disruption XDR M365 Defender

12 min

Automatic Attack Disruption in Microsoft Defender XDR

The reality of modern ransomware response Picture this: It’s 2 AM. Your on-call engineer gets an alert about…

Modern Security

13 August 2025

7 min

Selective Isolation in Defender for Endpoint – Combining tools like Velociraptor for DFIR

With the introduction of Selective Isolation, Microsoft Defender for Endpoint has taken a significant step toward more flexible…

Modern Security

13 July 2025

5 min

Integrating Microsoft Defender EASM with Exposure Management

Microsoft has taken another step in closing the gap between internal risk and external exposure. With the June…

Modern Security

23 June 2025

7 min

Stopping malicious Browser Extensions with Microsoft Defender TVM and Intune

Browser extensions have quietly evolved into one of the most dangerous and overlooked attack vectors in modern enterprise…

Modern Security

16 April 2025

6 min

Case management in Microsoft Defender and Sentinel: streamline your SecOps

Managing complex security incidents has always been a challenge for Security Operations Centers (SOCs). From correlating alerts to…

Modern Security

31 March 2025

8 min

Integrating T-pot Honeypot with Microsoft Sentinel using Data Collection Rules (DCR)

In the face of increasing cybersecurity threats, early detection and analysis of attack behaviors are essential for proactive…

Modern Security

30 December 2024

6 min

Microsoft Defender External Attack Surface Management (EASM)

As organizations grow their digital footprint, managing the external attack surface has become critical for reducing risks and…

Modern Security

20 November 2024

8 min

Maester – Swiss army knife for M365 security testing

In today’s digital environment, security and compliance are vital for organizations to protect their assets and meet regulatory…

Modern Security

16 October 2024

5 min

Maximizing security with Microsoft Defender for Identity

Microsoft Defender for Identity is a robust, cloud-based security solution designed to safeguard your organization’s on-premises Active Directory (AD)…

Modern Security

8 August 2024

6 min

Detecting and mitigating Active Directory compromises

Active Directory (AD) is the backbone of identity and access management for most enterprises, making it a prime…

Modern Security

10 July 2024

Hand-Picked Top-Read Stories

Microsoft Defender for Endpoint custom data collection: get the telemetry you need

Getting started with OpenCTI: threat intelligence connected to Microsoft Sentinel

Microsoft Defender for Identity sensor guide (v3.x)

Security

Automatic Attack Disruption in Microsoft Defender XDR

Selective Isolation in Defender for Endpoint – Combining tools like Velociraptor for DFIR

Integrating Microsoft Defender EASM with Exposure Management

Stopping malicious Browser Extensions with Microsoft Defender TVM and Intune

Case management in Microsoft Defender and Sentinel: streamline your SecOps

Integrating T-pot Honeypot with Microsoft Sentinel using Data Collection Rules (DCR)

Microsoft Defender External Attack Surface Management (EASM)

Maester – Swiss army knife for M365 security testing

Maximizing security with Microsoft Defender for Identity

Detecting and mitigating Active Directory compromises

Microsoft Defender for Endpoint custom data collection: get the telemetry you need

Getting started with OpenCTI: threat intelligence connected to Microsoft Sentinel

Microsoft Defender for Identity sensor guide (v3.x)

Defender XDR advanced hunting tables: ingest directly into Sentinel data lake

Manage your live response library directly in Microsoft Defender