Forum Widgets
Latest Discussions
Secure Score - Secure Home Folders in macOS
I've performed the recommended manual remediation action (sudo chmod -R og-rw /Users/) on my Macs but Secure Score doesn't recognize it. I have noticed this occurring for a few item. We have also remediated some things through InTune but still seem to have no movement on the SecureScore. Is this a glitch within or am I missing something altogether. ThanksNew Blog Post | How to Query HaveIBeenPwned Using a Microsoft Sentinel Playbook
How to Query HaveIBeenPwned Using a Microsoft Sentinel Playbook - Azure Cloud & AI Domain Blog (azurecloudai.blog) I’ve known Troy Hunt for a number of years and his contributions to the security and privacy industry have been hugely valuable and much appreciated by the masses. HaveIBeenPwned is a great resource developed and maintained by Troy. It provides the ability to query against its database to expose domains or user accounts that have been caught up in any of the number of reported industry data breaches. Wouldn’t it be nice, then, to have this data available for your Microsoft Sentinel investigations? Fortunately, Troy provides an API for his service. I’ve provided a Microsoft Sentinel Playbook that takes email addresses associated with an Incident and submits them through the API and returns a quick note to the Comments tab in the Incident as to whether or not the email address(es) has been compromised.
Little warning on the new Purview suite for M365BP
Microsoft introduced a highly needed and expected compliance suite add-on for Microsoft 365 Business Premium. Microsoft Purview Suite for Business Premium: $10/user/month Microsoft 365 BP are unable to add Microsoft 365 E5 Compliance suite $12/user/month and forced to move to M365E3 to be able to add this product. So as a Microsoft partner I was delighted to see that Microsoft introduced this new product and made it possible to give SMB customers the tools they need to comply with all kinds of regulations. BUT: What a disappointment it is, this new product. It is a lame strip down version of the E5 Compliance suite and missing essential functionality that regulated SMB customers badly need. What the was going on in de mind of the product manager who is responsible for this product. Besides missing crucial functionality like Compliance Manager, Compliance Portal and Privilege Access Management it also misses in product features. Some examples: Data Loss Prevention: Great for protection your sensitive information leaking out of your organisation, but with a little more investigation, I found out that Administrative Units is not supported Information Protection: Automatic Labels is not supported Insider Risk management: No Adaptive Protection Compliance Manager: No Policies, No Alerts DSPM for AI: No Policies So, Microsoft come on, you can do better than this and embrace SMB’s more seriously and make E5 compliance available like you did with E5 security for M365BP users and stop with this lame and incomplete product. My recommendation to M365BP customers who need Compliance add-on, don’t buy this new suite, unless you don’t need the above functionality.
How to practice SC-200 content on an empty tenant
Hello, I am following the SC 200 course on Microsoft Learn. It is great and everything but my m365 business tenant is empty. I don't have VMs, logs, user activity or anything. I learned some KQL and microsoft provides some datasets for practice. Are there any such data I can load on my tenant for threat hunting and other SC-200 related practices or is there an isolated simulation environment I can use for learning?Want to earn an Exclusive Security Tech Community Badge? Take our quick survey!
Hey there Security Tech Community! As we prepare for Microsoft Ignite, we’re building a focused, practitioner-led security roundtable and we want your input to ensure it reflects the most relevant and pressing topics in the field. We invite you to take a short survey and share the security topics, trends, and technical questions you want to see covered. Your input will directly influence the structure and substance of the Ignite Security Roundtable. The first 5 people to post a screenshot for proof of survey completion in the comments below will receive this "Microsoft Security Star" Badge to add to their Tech Community profile! TAKE THE SURVEY NOW: https://aka.ms/IgniteSecurityRoundtableSurvey2025Share your experience with Microsoft Security Products on Gartner Peer Insights
At Microsoft, we believe the most valuable insights come from those who use our products every day. Your feedback helps other organizations make informed decisions and guides us in delivering solutions that truly meet your needs. We invite you to share your experiences with Microsoft Security products on Gartner Peer Insights. By leaving a review, you’ll help your peers confidently choose the right solutions and contribute to the ongoing improvement of our products and services. Why your review matters Empower others Your honest feedback helps fellow decision-makers understand how Microsoft Security products perform in real-world scenarios. Build community Sharing your experience fosters a community of practitioners who learn from each other’s successes and challenges. Drive innovation Your insights directly influence future product enhancements and features. How to participate Click on the Microsoft Security Product You would be prompted to log in or sign in to the site. Select the Microsoft Security product you know well. Share your experience, highlighting the features and outcomes that mattered most to you. It would take a few minutes to complete the survey. Rules and Guidelines Only Microsoft customers are eligible to submit reviews; partners and MVPs are not. Please refer to the Microsoft Privacy Statement and Gartner’s Community Guidelines and Gartner Peer Insights Review Guide for more information.
Quarantine emails marked as High Confidence Phish are being system released
I have a group of about 20 emails that were in quarantine, and within moments they were released by 'System release' There are multiple different domains being released, and all of them have a High Confidence Phish level. Since it is a system release, I cannot submit anything to Microsoft other than it appears clean. Is anyone else experiencing this?
