Just another day of IR, Threat-Hunting & Microsoft Security
Copilot for Security provides a natural language and assistive copilot experience. It helps support security professionals in end-to-end scenarios such as incident response, threat hunting, intelligence gathering, and posture management. Designed with integration, Copilot for...
Cloud Service Principal is the key, abuse the hole, or the misconfiguration. While I’m investigating or attacking the cloud for many components on a daily basis. I find a lot of abuses. Some of them...
This post discusses the new Microsoft Defender for Cloud – Malware Scanning feature. While this feature was released recently, I tested it as a private preview, and it has many notes, some of which are...
Breaking the Cloud via “some service” is every pentester or red reamer mission. While the Blue team, SecOps, and other security teams struggle to minimize the attack surface area, create friction with attackers, and gain...
If you are interested in artificial intelligence, natural language processing, or cybersecurity, you might have heard of ChatGPT. It is a state-of-the-art language generation model that can produce realistic and coherent text on almost any...
While investigating an incident, we aim to find the campaign, the attackers, and who is behind the attack – in this situation, Context is Everything. Threat intelligence plays a critical role in many scenarios; an...
Can you monitor or prevent a reconnaissance or enumeration? Especially reconnaissance (recon) on the cloud? Mostly not, and it depends on the recon types. While recon for local (on-premises) resources can be challenging or more...
How long does it take to detect and identify attacks on cloud resources? And how much time does it take for the Azure Blob container? Do you know if your cloud storage is part of...
