Newsletter #6 2023

Published on: November 19, 2023


First of all, thank you for subscribing and reading the EndpointCave security newsletter.

I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.

But I need your help: do you have any valuable content that needs to be shared with the community? Did you create a security blog post, or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?

Please send me a message. You can contact me on Twitter (X) or LinkedIn.

The community has created a lot of content in the past two weeks, and I would like to share some of those blogs and videos with you. First, I want to highlight some content; after the highlights and videos, I have shared some blogs from the community, for the community. I assume that one of those topics will be interesting for you.



The Book of News is designed to be your guide to all Microsoft announcements, making it easy for you to navigate the latest information and provide key details on the topics in which you are most interested. Microsoft is excited to share some groundbreaking new products and critical updates that help make work and life easier and more productive.

Link to the Book of News

Introducing a Unified Security Operations Platform with Microsoft Sentinel and Defender XDR

Security teams are tasked with more responsibilities than ever before, and the complexity of today’s security tooling landscape doesn’t make their job any easier. They need to sift through vast amounts of data from various sources which can lead to slower threat response and resolution, increased time spent on learning new technologies, more integrations, and less comprehensive insights. Furthermore, managing the costs associated with data handling remains a significant challenge.

Microsoft is committed to empowering these teams by consolidating the multitude of tools necessary for protecting a digital estate into a single, effective solution powered by AI and automation. This addresses a key pain point in the cybersecurity industry: the need for protection of the entire digital estate and boosting SOC efficiency with simplified tooling experience and management.

With this announcement, Microsoft will deliver:

  • A Unified Platform.
  • Embedded Security Copilot.
  • Automatic Attack Disruption.
  • Tailored recommendations.

More information about this Unified Security Operations Platform can be found here:

Microsoft Security Copilot

A new ASR rule is coming

The new attack surface reduction (ASR) rule “Block Webshell creation for Servers” is now in the official documentation. Unfortunately, there is not much information in the documentation, but we can conclude that a new ASR rule is coming.

Link to the Microsoft ASR Rules documentation

Security Adoption Framework

The SAF provides guidance for organizations through end-to-end security modernization across a ‘hybrid of everything’ multi-cloud and multi-platform technical estate. The SAF is similar to the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) in that it includes public guidance and also takes the form of Microsoft Unified workshops where Microsoft experts help customers plan and execute security modernization.

More information about the Security Adoption Framework

Security topics to watch

Stop hackers from stealing your Microsoft 365 user’s passwords

In this video, Merill will show how you can steal a Microsoft 365 user’s password using a man-in-the-middle phishing attack with a tool like EvilGinx. Merill shows how you can apply conditional access policies in Microsoft Entra to block phishing attacks like this.

Click here to view the video on YouTube

TechTalk Dudes S03E03 – Microsoft Entra Inbound Provisioning API

Unlock the full potential of Microsoft Entra Inbound Provisioning API with Ronny and Pim’s latest video guide! Join them to delve into the intricacies of this powerful feature, designed to streamline user provisioning within the Microsoft ecosystem.

Click here to view the video on YouTube

November 2023 – What’s New in Microsoft Entra Identity & Security w/ Microsoft Security CxE identity

With so many new features being added to the Microsoft Entra Identity platform, join Product Managers Grace Picking and Jorge Lopez from the Microsoft Security CxE team, in the first of a monthly series to highlight what is new across public preview and GA features in Microsoft Entra for November 2023!

Click here to view the video on YouTube

Blogs from the community

Thank you for being a part of my newsletter. I hope you found valuable content in it, and I look forward to delivering more valuable content in the future.

Your feedback is welcome, so please feel free to share your thoughts and suggestions for future editions.

Kind Regards,

