In this first lesson, Rogier will cover the basics of creating a plugin for Microsoft Security CoPilot. By the end, you’ll understand the essential parts needed to make a plugin and be able to use the template we provide. Microsoft Security CoPilot comes with some pre-made plugins that users or organizations can turn on. But […]

Today, a quick tip for all Entra admins out there. Conditional Access policies can be subject to change. When a policy is changed, its not very easy to see what changed.

Microsoft is pleased to introduce some new features and improvements for the service today. These features include capabilities that enhance the monitoring and scalability of your Azure Firewall: – Flow Trace logs are now generally available. – Autoscaling based on the number of connections is now generally available. – Parallel IP Group update support is […]

Mobile devices are increasingly targeted by cyberattacks that can compromise your data, privacy, and productivity. To protect your devices from these threats, you need a Mobile Threat Defense (MTD) solution that can detect and respond to malicious activities on your device and network. Microsoft Defender for Endpoint is a unified endpoint security platform that provides […]

In this tutorial, Daniel will show you how to use a combination of Microsoft Graph PowerShell, Managed Identities and Azure Automation to create a secure way of reporting on application admin grant consents to Graph API permissions weekly via email. This will help any information security teams identify if an Administrator granted more than the […]

Deploying Microsoft Copilot in Your Microsoft 365 Environment: The Imperative of Microsoft Information Protection – As you contemplate the integration of Microsoft Copilot into your Microsoft 365 environment, understanding the significance of Microsoft Purview Information Protection becomes paramount. – Be cautious of sharing sensitive information in your Copilot environment and avoid oversharing. – Help protect […]

Windows has several built-in local security groups that are designed to manage permissions and access rights on a computer. These groups are predefined by Windows, and each group has specific rights and permissions. The exact groups available can vary depending on the version of Windows you’re using or the features that are enabled.

In the realm of IT and cybersecurity, tracking both recent and historical activity across your IT environment is crucial. Imagine this: in the event of a breach, having ready access to logs can be the key to fully understanding and neutralizing the attack. Without them, you might find yourself in a daunting search for the […]

Directory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts of privilege, even being equated to the Global Admin Entra ID role.

Microsoft announced last year a new feature with the name; Automatic Attack Disruption in Defender XDR (Microsoft 365 Defender). Since October last year, Microsoft expanded the Automatic attack disruption feature with the support of human-operated attacks and the ability of user containment. Jeffreys earlier published blog includes the basics of Attack disruption; this blog will […]

When moving away from traditional and weak authentication methods like passwords to stronger ones like Authenticator App and passkeys, it’s essential to keep informed when some of these methods change. Organizations moving to modern authentication are facing new challenges around onboarding and recovery of authentication methods, as attackers can also use this to settle in […]

In this article, Steven will shared how to use the password spray data obtained from Micrososoft Sentinel and convert to Excel data for Copilot usage. Password spray is just one use case for SecOps, potentially any security data extracted out from MS Sentinel or DefenderXDR we can use Copilot for Microsoft 365 to analyze the […]

In this tutorial, Daniel is going to show you how to use Microsoft Graph PowerShell to export a list of active and inactive users in your tenant. You can then use this information to clear up and inactive user accounts.