Enriching Windows Security Events with Parameterized Function

Overview

Monitoring Windows Security Auditing logs is essential in helping SOC analysts keep track of any unplanned changes in a computer’s system audit policy settings. If there is an indication of a suspicious anomalous activity, an …

Microsoft Advanced Compliance Solutions in Zero Trust Architecture

Zero Trust architecture starts with Identity and Access Management but it doesn’t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and …

Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise

A new report from Microsoft shows it is clear that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to identify.

Analysing Web Shell Attacks with Azure Defender data in Azure Sentinel

Tom McElroy, Rob Mead – Microsoft Threat Intelligence Center
Thanks to Stefan Sellmer, Elia Florio, Ram Pliskin, Dotan Patrich & Yossi Weizman for making this blog possible.
On the 22nd September 2020 as part of IGNITE, we released a video d…