Another day of Cybersecurity
Picture the classic castle and moat defense. For years, security teams believed that building high walls and deep moats could keep adversaries at bay. The logic seemed simple: if you fortify the perimeter, everything inside is safe. However, as attackers … Read the rest
In the modern Microsoft 365 threat landscape, SharePoint Online is no longer a document dump. It is a sprawling, API rich, over permissioned jungle wired into the core fabric of collaboration. With tight Graph API hooks, seamless integration with Teams, … Read the rest
In Microsoft Teams – “Attackers didn’t break in — they joined the meeting…”
Welcome to the frontline of enterprise collaboration compromise: Microsoft Teams. Once just a chat app, now a sprawling hub for files, apps, identities, secrets… and attackers. … Read the rest
Many parties have recently contacted me regarding TLS support. The intention is to extract from Microsoft Sentinel findings or reports of all the old versions of Azure services TLS. In order to understand where old versions are, where new versions … Read the rest
Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you’re diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.
Note: This repository is under development. … Read the rest
Copilot for Security provides a natural language and assistive copilot experience. It helps support security professionals in end-to-end scenarios such as incident response, threat hunting, intelligence gathering, and posture management.
Designed with integration, Copilot for Security offers a standalone experience … Read the rest
Ransomware attacks grow and cripple companies, cities, and businesses. Attackers are locking people out of their networks and demanding significant payment to get back in. The case is that many organizations still pay attackers in order to get their data … Read the rest
Many times people asked me about the differences between external attack surface management, vulnerability management, and penetration testing. Mostly “What will be the and the right approach to handling security tools alongside the behavior and procedures. While many organization has … Read the rest
