Another day of Cybersecurity
In the tangled world of cybersecurity, where threats often wear the cloak of invisibility, defenders must become hunters, actively seeking out their elusive adversaries. Within this digital battleground, Microsoft Defender for Identity emerges as a formidable ally, empowering cybersecurity teams … Read the rest
What are the effective ways to identify an adversary in Active Directory infrastructure? There are many ways to identify Active Directory incidents, whether through Event IDs, network traffic, or other logs. The logs are often missing or don’t have accurate … Read the rest
Microsoft Defender for Identity Group recently released the Active Directory Certificate Service (ADCS) support and expanded its coverage with a new AD CS sensor!. Great milestone.
Like other sensor types in Microsoft Defender for Identity, this one is simple … Read the rest
Threat Hunting in the Cloud differs from Legacy Threat Hunting (on-premise). Change my Mind.
This post, among many others in the “Cloud Threat Hunting” series, will take you into the Cloud Threat-Hutning and “little things” you should know. I have … Read the rest
How do you investigate security incidents in Active Directory? Is the investigation only at the Active Directory level? or may it include the endpoint? Is it through an interface or CLI? Adversaries love Active Directory, and as we can see, … Read the rest
