Finding, tracking, and managing all the assets found within an organization’s vast – and often unknown – digital attack surface can be a daunting task. A lack of knowing and monitoring all your assets, including shadow IT, leads to security gaps that can be exploited by attackers.

Generative Artificial Intelligence (GenAI) is changing the game in the workplace. It sparks incredible productivity and innovation everywhere you look and across all kinds of industries and regions. According to a recent research study: 93% of businesses are either implementing or developing an AI strategy. At the same time, about the same percentage of risk […]

Hate JSON templates? Looking to make your own Codeless Connectors for Microsoft Sentinel? You’re in luck. This workbook sets out to create a UI experience for creating Codeless Connectors in order to make it as easy as possible. *Please note: This workbook is considered Public Preview as there is some supplementary content that is still […]

In the constantly evolving landscape of cybersecurity, it is common to see features designed for convenience lead to negative cybersecurity consequences. Microsoft Teams, an essential tool for corporate communication, contains features and configurations that are susceptible to abuse.

This sample showcases onboarding of a new hire using a Temporary Access Pass to remotely gain access to their corporate account. It also showcases the onboarding of a B2B guest user by the use of creating an invitation using Microsoft Graph that is redeemed in the application and not via sending an email.

Entra ID protection is an excellent feature amongst the other services in the Entra Premium P2 license SKU. Microsoft Entra ID Protection detects identity-based risks so that admins can mitigate those risks. Users can also self-mitigate risk.

In an era of expanding interconnected attack surfaces, organizations face a growing concern about a myriad of exposures, including software vulnerabilities, control misconfigurations, overprivileged access, and evolving threats leading to sensitive data exposure.

In the ever-evolving landscape of cybersecurity, IT professionals are continuously seeking innovative ways to bolster their defenses against sophisticated cyber threats. Microsoft’s recent introduction of deception technology in Defender for Endpoint marks a significant leap forward, offering a powerful tool to enhance Endpoint Detection and Response (EDR) capabilities and secure organizational assets from advanced attacks.

In this blog, we will start looking at the first pillar: identity. This pillar encompasses all types of identities including user, service, application, or machine accounts. The identity maturity level will be assessed against different processes as we discussed in the previous blog in the definition of the maturity model.

Since COVID-19, many users have started working from home until the same time, many end users like to use their personal devices to check their email over Outlook, Teams, SharePoint, and other M365 products, which is fine, but recently, many companies have been worried about their own Docs. To be copied, printed, downloaded, etc.

Once you know how Microsoft Entra Access Reviews can be setup and configured, are aware which resources an Access Review can be applied to, and the limitations it has today. Let’s dive into ‘Enabling Access Reviews on scale within Microsoft Entra by using the Microsoft Graph API and sensitivity labels!’ in three steps.

The Compliance Manager offers different types of functions. For one, you can use it as an Information Security Management System or ISMS. You can track your progress in addressing specific controls and you can download this progress and any evidence of this.

In response to the ever-evolving landscape of cyber threats, Threat Explorer plays a critical role in identifying and mitigating security risks within Office 365 environments. Microsoft Defender for Office 365 is focused on refining the user interface and functionality in threat Explorer to provide a more intuitive, responsive, and seamless experience for users to empower […]

A Temporary Access Pass (TAP) is a time-limited passcode that can be configured for single or multiple use. The Temporary Access Pass (TAP) allows the user to securely sign in to the Microsoft Cloud within a defined time period to set up additional authentication methods. These secure authentication methods include passwordless methods such as FIDO2 […]

Security recommendations in Microsoft Defender for Cloud help you to improve and harden your security posture. Recommendations are based on assessments against security standards defined for Azure subscriptions, AWS accounts, and GCP projects that have Defender for Cloud enabled.This article describes how to: Create custom recommendations for all clouds (Azure, AWS, and GCP) with a […]

In the ever-evolving landscape of cybersecurity, staying ahead of threats is a constant challenge for organizations worldwide. Microsoft Copilot for Security emerges as a beacon of innovation, leveraging the power of Generative AI to revolutionize how security teams operate.

In this post you will find the policies descripted and how to set it up. You can also find a short description on how to look at your audited rules so you can end up in Block mode.

provides a comprehensive suite of tools for developers to manage the software development lifecycle and incorporate security practices into their development processes. Azure DevOps Auditing is a centralized log management and analysis tool for administrators and security teams to monitor, investigate, and audit activities across Azure DevOps services. The primary goal is to enhance security, […]

Microsoft deserves commendation for its relentless efforts in pushing organizations to adopt stronger authentication methods. However, it is important to acknowledge that even with these measures in place, bad actors can still gain unauthorized access to employee accounts through tactics such as phishing and social engineering. Once inside, they can add authentication methods of their […]

Did you know that when you use Copilot to generate new content based on a source file with a sensitivity label applied, the label is automatically inherited along with its protection settings?

Configuration analyzer in Microsoft Defender for Office 365 helps you find and fix security policies that are less secure than the recommended settings. It allows you to compare your current policies with the standard or strict preset policies, lets you apply recommendations to improve your security posture, and view historical changes to your policies.

In the dynamic landscape of adversary-in-the-middle (AiTM) attacks, the Microsoft Defender Experts team has recently observed a notable trend – QR code-themed phishing campaigns. The attackers employ deceptive QR codes to manipulate users into accessing fraudulent websites or downloading harmful content. These attacks exploit the trust and curiosity of users who scan QR codes without […]