Newsletter #2 2023

Published on: September 24, 2023


First of all, thank you for subscribing and reading the EndpointCave security newsletter.

I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.

But I need your help, do you have any valuable content that needs to be shared with the community? Did you create a security blog post or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?

Please send me a message. You can contact me on Twitter (X) or LinkedIn.

In the last two weeks, the community has created a lot of content and a lot has happened.

First, I want to start with the news that the MGM casinos and Bellagio were hacked, just with a phone call to the helpdesk. Please ensure that this does not happen to your organization by providing training and setting up processes that prevent this.

Something that I also like to highlight is some other big news.

Cisco has acquired Splunk to Help Make Organizations More Secure and Resilient in an AI-Powered World. For more information about this huge news, read the press release of Cisco here.

Will this be the downfall of Splunk?

Okay, enough about the news, let’s move on to the highlights of this newsletter.


The countdown to Microsoft Ignite has begun.

Explore the latest in technology, access Microsoft experts and partners, and forge new connections while reconnecting with your peers. Ignite will be a hybrid event.

In Seattle: November 14–17, 2023 PT | Online dates: November 15–16, 2023 PT.

Unfortunately, the in-person event is already sold out. But you can still register for the online event.

Register here and more information about Microsoft Ignite can be found here.

Microsoft Security Copilot

Do you use Access Reviews in Entra ID Governance? Free tip of Jan Bakker!

Think about a good and user-friendly title and description. Your users have no idea what CLOUD-PROD-LIC-APP-ENG-FS001-DEFAULT-EXTEAMS means.

Security topics to watch on Youtube

Do you want to know more about DevOps Security? Please check out this video of Pouyan Khabazi, David Trigano, and Frans Oudendorp

In our latest Talking Security podcast episode, we dive into the world of DevSecOps with David Trigano, Senior Product Manager at Microsoft. We explored the evolving landscape of DevSecOps and the related security challenges. But here’s the game-changer: Microsoft Defender for Cloud!

We dove into how Microsoft Defender for Cloud is transforming DevSecOps by providing valuable insights into the processes. With features like PR annotations, your security and development teams are working hand in hand to swiftly identify and resolve potential issues. This proactive approach not only strengthens your organisation’s security posture but also ensures that vulnerabilities and misconfigurations are stopped, long before they reach production.

Are you interested in Office 365 backup? Please check out this video of Peter Rising.

In this video, Peter will delve into the debate of do you need a backup for your Microsoft 365 data. This is a divisive subject and admittedly Peter has changed his own stance on this over the years.

Are you interested in Real-time Threat Hunting and Catching an Attacker with Live-streamed Data? Please check out this video of Jeroen Niesen.

In this enlightening video, dive deep into the world of real-time cybersecurity as we leverage live-streamed data to identify and track a potential attacker in our digital environment. Equipped with specific indicators of compromise (IoC), like IP addresses and usernames, we set up precision alerts to notify us the moment suspicious activity occurs. Join me on this thrilling digital chase and witness first-hand how proactive threat hunting can be the key to fortifying your digital frontiers.

Microsoft 365 Defender Virtual Ninja Training

Season 5 opener brings you up to speed on major Microsoft Defender for Endpoint feature updates announced in public preview. Senior Product Manager Dan Levy presents what’s new in this space, such as endpoint security policies being available in the Microsoft 365 Defender portal and how these updates improve the day-to-day activities of security admins.

This episode will be available on-demand immediately after the completion of the live event. Watch all previous Ninja Show episodes and see the full season calendar at ->

The next episode is on Wednesday, September 13th at 9 AM PT and it goes about: Microsoft Defender for Endpoint Configuration Management deep dive

 Don’t miss the next Ninja show, Add it to your calendar        

Blogs from the community

This is the end of this newsletter. Thank you for reading the Endpoint Security newsletter, I hope you have found valuable content that you can use.

Do you have any feedback? Please feel free to share your thoughts and suggestions with me for future editions. Any valuable content of blogs that I need to monitor or share.  Please send me a message. You can contact me on Twitter (X) or LinkedIn.

Kind Regards,


Subscribe or follow me


Receive the monthly newsletter directly in your mailbox

Followon XSubscribeto RSS Feed

Latest blog posts