Security-blog

Become smarter about cybersecurity.

Here, Morten Thomsen shares knowledge, experiences, tips, and tricks from the cyber field and goes behind the scenes of current attacks, so organizations can identify vulnerabilities and strengthen their cybersecurity.


Part 6: Advanced Hunting Queries
Morten Thomsen

In this sixth blog post, I will give you a deeper dive into advanced hunting. It will show how to run advanced hunting queries in Microsoft XDR to proactively search for potential threats and suspicious activities.

Part 5: Microsoft XDR Advanced Hunting and Automating Security Workflows
Morten Thomsen

In this fifth blog post, I will explore how to use Microsoft XDR to automate security workflows and improve efficiency and response times. One of the key features of Microsoft XDR is advanced hunting, which allows you to run complex queries across various data sources and hunt for threats and anomalies. Advanced hunting can be combined with custom detection rules, which let you create custom alerts and trigger automated responses based on advanced hunting queries.

Part 4: Exposure Management
Morten Thomsen

In this fourth blog post, I will go over the features and benefits of Microsoft Exposure Management and how it can help you lower your exposure and enhance your security posture. If you are a security professional looking for a better way to manage your security exposure, you might be interested in Microsoft Exposure Management in Microsoft XDR.

Part 3: Threat Intelligence
Morten Thomsen

This is the third blog post, where I will show how to work with threat intelligence feeds in Microsoft XDR. I will describe what threat intelligence means and how it helps in protecting against sophisticated and ongoing threats. I will demonstrate how to combine external and internal threat intelligence sources with Microsoft XDR to get more information on, and perspective into, the alerts and incidents you face.

Part 2: Incident Response with Microsoft XDR
Morten Thomsen

In this second blog post, I will share my view on how Microsoft XDR can boost your incident response and management approach. I will cover the benefits of Microsoft XDR, such as unified visibility, automated analysis, and built-in orchestration, and provide some best practices for leveraging its features to reduce the time and effort needed to respond to security incidents and to be proactive about them.

Part 1: Exploring the Portal
Morten Thomsen

A deep dive into the security.microsoft.com portal and its features: how to navigate it and how to customize it for the different roles and needs within your organization.

New Attack Surface Reduction rules available
Morten Thomsen

Microsoft recently released 2 new Attack Surface Reduction rules.

In this post you will find the policies described and how to set them up. You can also find a short description of how to look at your audited rules so you can end up in Block mode.

Enjoy reading, hope you like it!

Leveraging Deception in MDE to improve early detection
Morten Thomsen

Microsoft's recent introduction of deception technology in Defender for Endpoint marks a significant leap forward, offering a powerful tool to enhance Endpoint Detection and Response (EDR) capabilities and secure organizational assets from advanced attacks.

Enjoy reading, hope you like it!

Why should you use Microsoft 365 Defender
Morten Thomsen

The question I often hear is: why should we buy or use Microsoft 365 Defender (the E5 security license)?

I will provide you with some of the answers!

Enjoy reading, hope you like it!
