Just another day of IR, Threat-Hunting & Microsoft Security
Recently, there have been massive cyberattacks against cloud providers and on-premises environments, the most recent of which is the attack and exploitation of vulnerabilities against Exchange servers – The HAFNIUM. This post focus on Microsoft Sentinel...
Are your Intune local users configured as local admin? Do you’ve got additional admin users on Intune devices? In most cases, Intune users could be the Local administrators, and it’s a feature without any disruption,...
Sentinel. Sentry a defender always on the guard who aims to protect and withstand threats, anticipate any attack, assume that it will arrive, and adjust the behavior accordingly. Be present to protect the assets and...
Managing comprehensive security products and security controls can be complicated, requiring a specific skill set and controlling all over the security process. In addition to managing complexity, monitoring the simulation activities, alerts, and results is...
This article is less technical but an article of those moments where you understand why a particular technology is the one that is important to focus on. This article reminds me of different moments where...
There are few terms for credential attacks, such as password attacks, identity attacks, dictionary attacks, etc. Identity attacks come in different styles with different nuances. The most prevalent attacks are the Password Spray and Brute-force...
Integrated threat protection from Microsoft will empower your organization’s defenders by putting the right tools and intelligence in the hands of the right people. Get insights across your entire environment with Azure Sentinel. Use integrated, automated,...
The following post is part of a series of articles that will focus on the many capabilities and options of Azure Sentinel, from the beginning with deployment, through configure connectors to the setting and using...
