cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Security Experts Blog
Options
5,679

Effective strategies for conducting Mass Password Resets during cybersecurity incidents

DenizSezer on Jun 11 2024 09:30 AM
Learn about the challenges of performing a mass password reset and best practices for carrying one out.
4,163

Recover an ADCS platform from compromise

dmayes on May 21 2024 09:30 AM
Discover how Microsoft DART executes the recovery of an Active Directory Certificate Services server amidst a ransomware...
1,972

Microsoft Defender Experts Services Expanded Coverage Upcoming Preview

Elisa_Lippincott on May 06 2024 09:00 AM
We are excited to announce our upcoming preview of our Defender Experts services expanded coverage.
11.6K

Hunting in Azure subscriptions

Mary_Asaolu on Apr 30 2024 07:00 AM
8,749

Strategies to monitor and prevent vulnerable driver attacks

stefanpuzderca on Apr 09 2024 08:41 AM
Delve into the intricate details of vulnerable driver attacks, and discover effective strategies to prevent them
8,005

Follow the Breadcrumbs with Microsoft IR & MDI: Working Together to Fight Identity-based Attacks

DenizSezer on Mar 21 2024 09:00 AM
Learn how Microsoft Incident Response uses Microsoft Defender for Identity (MDI) against identity-based attacks.
6,359

Welcome to the Microsoft Defender Experts Ninja Hub

Elisa_Lippincott on Feb 20 2024 07:20 AM
Bookmark this page for document guides, videos, and other resources focused on Defender Experts services.
18.8K

Hunting for QR Code AiTM Phishing and User Compromise

krithikar on Feb 12 2024 05:00 AM
Dig into the mechanics of QR code phishing, how the Defender Experts team hunts for these campaigns, and the mitigations...
16.6K

Defender Experts’ recommendations for impactful security posture management

PhoebeRogers on Jan 25 2024 05:23 PM
Improve your security posture with impactful controls and configurations recommended by Defender Experts.
2,640

Test your configurations and experience Defender Experts Notifications early

ashutoshmaheshwari on Jan 18 2024 07:38 PM
Our new sample Defender Experts Notifications feature lets you test configurations and see what to expect when you get a...
8,183

Experience Defender Experts above the fold

DillonPersaud on Jan 10 2024 05:42 PM
Get more visibility into what our Defender Experts are doing on your behalf with a new homepage experience and enhanced ...
16.9K

Security Analyst Profile: Arlette Umuhire Sangwa

JoeCicero on Jan 03 2024 11:04 AM
"It's not just about protecting data - it's about safeguarding the very services and institutions that are crucial for o...
18K

Security Analyst Profile: Amanda Cantero Schilling

JoeCicero on Dec 14 2023 07:00 AM
"Securing the digital frontier is not just about stopping cyber threats; it's about understanding the ever-evolving land...
8,202

The Microsoft Security Experts Discussion Space: Your Gateway to Knowledge Sharing

Raae_ on Dec 05 2023 06:59 AM
We're excited to spotlight our Microsoft Security Experts Discussion Space—a dedicated community designed for cybersecur...
9,902

What’s new in Microsoft Defender Experts for XDR

Elisa_Lippincott on Nov 15 2023 08:10 AM
We've been busy! Learn more about the latest enhancements to the Defender Experts for XDR service.
18.8K

Service Delivery Manager Profile: Meiko Lopez

JoeCicero on Nov 13 2023 08:00 AM
"Be steadfast in the truth - providing comfort and assurance to the customers that you will help them to a resolution."
11.1K

Service Delivery Manager Profile: Sachin Kumar

JoeCicero on Nov 06 2023 08:06 AM
“As an SDM, I am committed to walking this path of security alongside our Defender Experts for XDR customers.”
3,302

Catch Defender Experts for XDR on the Ninja Show

Elisa_Lippincott on Sep 21 2023 01:30 PM
Join us on September 25, 2023 at 9:00am PT or watch later on-demand
22.6K

A day in the life of a Defender Experts for XDR analyst

PhoebeRogers on Sep 19 2023 02:58 PM
See how Defender Experts help keep Microsoft customers secure every day.
9,048

The Vital Role of a Service Delivery Manager: Your Defender Experts for XDR Trusted Advisor

JoeCicero on Sep 13 2023 04:12 PM
This blog explores examples of how service delivery managers enhance your Defender Experts for XDR journey.
5,952

Get incident updates from Defender Experts for XDR in the SOC tools you use

Vivek Kumar on Sep 05 2023 01:12 PM
Learn how you can get incident updates from Microsoft Defender Experts for XDR in the SOC tools you already use.
8,517

Defender Experts Chronicles: A Deep Dive into Storm-0867

Kirtar on Aug 28 2023 10:04 AM
In this blog, our Defender Experts take a deeper look at the threat actor Storm-0867.
15.9K

Strategies for securing identities in Azure Active Directory with Sean Metcalf

BrookeLynnWeenig on Jun 14 2023 10:09 AM
Trimarc Founder and Chief Technology Officer Sean Metcalf talks about Active Directory & Azure AD security and strategie...
4,753

Visit Microsoft Security Experts at the RSA Conference 2023

Elisa_Lippincott on Apr 18 2023 01:49 PM
We’ll be in San Francisco starting Sunday, April 23, 2023. Get the details here.
24.4K

Fuzzy hashing logs to find malicious activity

Steve_Versteeg on Apr 05 2023 06:54 AM
Microsoft Incident ResponseDuring incident response, the investigators aims to find all traces of threat actor activity ...
4,787

Catch Defender Experts for Hunting on the Ninja Show

Elisa_Lippincott on Mar 14 2023 04:33 PM
Join us on March 16, 2023 at 9:00am PT or watch later on-demand  

Latest Comments

Pragmatic1265
in Hunting for MFA manipulations in Entra ID tenants using KQL on Jun 13 2024 02:22 AM
Excellent idea and great work! I was playing around with this, wanted to create a detection rule against but couldn't get UserID or DeviceID into it.Any idea how to create a detection rule, for sure it will be a strong one. Thank you for sharing this!
0 Likes
Elisa_Lippincott
in Microsoft Defender Experts Services Expanded Coverage Upcoming Preview on Jun 12 2024 01:46 PM
Thank you for the heads up! Appreciate it! The link has been updated.
0 Likes
AndrePKI
in Microsoft Defender Experts Services Expanded Coverage Upcoming Preview on Jun 12 2024 03:08 AM
Link to Sentinel instance within the unified security operations platformpoints to review.learn... it should point to https://learn.microsoft.com/en-us/azure/sentinel/microsoft-sentinel-defender-portal @Elisa_Lippincott
1 Likes
Simone_Oor
in Hunting for MFA manipulations in Entra ID tenants using KQL on Jun 11 2024 03:37 AM
This is so useful, thank you very much 
1 Likes
Fbacchin
in Hunting for QR Code AiTM Phishing and User Compromise on Apr 29 2024 02:27 PM
Has anyone tried this approach of using a custom CSS template in Microsoft Entra ID Company Branding, to trigger a logic that detects when a user visited a Microsoft login page via an AitM site / proxy ? The process is explained here:AitM detection with Sentinel via custom CSS (hybridbrothers.com) B...
0 Likes