Security and AI Essentials
Protect your organization with AI-powered, end-to-end security.
Defend Against Threats
Get ahead of threat actors with integrated solutions.
Secure All Your Clouds
Protection from code to runtime.
Secure All Access
Secure access for any identity, anywhere, to any resource.
Protect Your Data
Comprehensive data security across your entire estate.
Recent Blogs
As a Senior Cybersecurity Solution Architect, I’ve had the privilege of supporting organisations across the United Kingdom, Europe, and the United States—spanning sectors from finance to ...
Sep 17, 2025
Introducing…the Cyber Dial Agent; a browser add-on and agent that streamlines security investigations by providing analysts with a unified, menu-driven interface to quickly access relevant pages in M...
Sep 17, 2025
Background:
Since its launch in 2020, Azure Firewall Manager has supported customers in securing their networks. But the role of network security has since evolved, from a foundational requirement ...
Sep 17, 2025
Today, Defender for Storage released, in public preview for Commercial Cloud, the feature Automated Remediation for Malware Detection. This is for both On-upload and On-demand malware scanning. The f...
Sep 17, 2025
Recent Discussions
Join Our Azure Sentinel Community
Visit Our Blog Now that we have announced Azure Sentinel, we'd like to invite you to speak directly to our engineering team. We believe that the best way to improve our products is by having no barrier between you and the people that create them. That's why we need your participation in our community. As part of our community you can influence our products and get early access to changes by participating in private previews, giving feedback, requesting features, reviewing product roadmaps, joining conference call discussions, or attending in-person events. To try out Azure Sentinel, log into your Azure Portal and then click here to join the preview. Join Us To join our community, click here, and then click the join button and the heart icon for Azure Sentinel, as pictured below. Stay Updated via our Blog To keep up-to-date on all our major announcements, please visit our blog at https://aka.ms/AzureSentinelBlog. Check Out our GitHub Repository We have queries, detections, playbooks, and more on our GitHub repository at https://aka.ms/AzureSentinel/GitHub and we'll be investing significant efforts developing this content. We welcome contributions and hope you benefit from the shared expertise of our entire community. Additional Security Groups Here's a list of other security-related groups you may want to join. Azure Azure Security Center Azure Security and Identity Enterprise Mobility + Security Azure Advanced Threat Protection and ATA Azure Information Protection Microsoft Cloud App Security Microsoft Graph Security API Security, Privacy & Compliance. Windows Defender Advanced Threat Protection Find us on LinkedIn We have a general discussion group on LinkedIn called the Microsoft Security Community, where I announce highlights from this site. Please join the group and feel free to connect with me. 
Webinars and Private Preview Calls We hold regular webinars and calls where we provide technical training, preview forthcoming features, gather feedback, and host discussions. Many of these allow you to join private previews. Meeting invitations for the calls are posted here in this group, so please check back regularly. Our latest Azure Sentinel webinar can be found at https://aka.ms/AzureSentinelWebinar. We hope to hear from you soon!
Azure Active Directory Webinar Community
Our 12-part AAD Webinar program has now concluded. Check back here soon to learn about our FY21 webinar plans! Want to watch and listen to these webinars? Check back a few weeks after each webinar session at https://aka.ms/AADWebinarRecordings.
Time & Date | Webinar Topics
March 5, 2020 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Your journey to passwordless (You will learn about options to minimize use of passwords today and how to work toward a passwordless future.)
March 12, 2020 1. 0700 PT / 1000 ET / 1400 GMT 2. 1100 PT / 1400 ET / 1800 GMT Registration closed | Manage Partner Access with B2B (You will learn how to collaborate with your partners in a secure manner.)
March 19, 2020 1. 0700 PT / 1000 ET / 1400 GMT 2. 1100 PT / 1400 ET / 1800 GMT Registration closed | Enable New Customer Experiences with B2C (You will learn how to enable new customer experiences with Azure AD B2C.)
June 11, 2020 1. 0700 PT / 1000 ET / 1400 GMT 2. 1100 PT / 1400 ET / 1800 GMT Registration closed | Identity Governance for Modern Organizations (We will introduce tools to govern the lifecycle of user and guest identities in your Azure AD and Office 365 deployment.)
June 18, 2020 1. 0700 PT / 1000 ET / 1400 GMT 2. 1100 PT / 1400 ET / 1800 GMT Registration closed | Getting started with Azure AD Reporting and Insights (You will learn how to Interpret Azure AD Logs, Integrate with your SIEM tools and Gather Insights about your Azure AD Service.)
June 25, 2020 1. 0700 PT / 1000 ET / 1400 GMT 2. 1100 PT / 1400 ET / 1800 GMT Registration closed | Azure AD as the New Security Control Plane (You will learn how to assess and implement a modern approach to secure your organization identities with Azure AD.)
2019 Webinar Dates | 2019 Webinar Topics
September 5, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Getting started with hybrid identity: Learn how and why to integrate your on-premises identities with Azure AD.
September 12, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Integrating your applications with Azure Active Directory: Learn how integrating your line of business and SaaS apps using Azure Active Directory enables advanced security, single sign-on, and convenience for you and your users.
September 19, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Take your apps to the next level with provisioning: Simplify identity lifecycle management with Azure AD automatic user and group provisioning for SaaS applications.
October 3, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Upgrade your security with multi-factor authentication: Protect your users by leveraging Azure AD and 3rd party multi-factor authentication.
October 10, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Starting your journey to Zero Trust with Conditional Access & Identity Protection: Today's cloud technology and mobile workforce challenge traditional approaches to security. Learn how to shore-up your environment by following zero trust methodologies and Azure AD technologies.
October 17, 2019 1. 0700 PT / 1000 ET / 1500 GMT 2. 1100 PT / 1400 ET / 1900 GMT Registration closed | Empower your users with better IT scalability: Learn how Azure AD enables your users to reset their passwords securely and manage their own security and allows you to scale IT management of groups.
Want to listen to the recording? Check back a few weeks after the webinar session at https://aka.ms/AADWebinarRecordings.
AIP Webinar Recordings
Below are the links to the recordings of the AIP webinar sessions. AIP Unified Labeling webinar recording: May 23, 7:00 AM PT / 10:00 AM ET / 2:00 PM GMT Unified Labeling in AIP Feedback https://aka.ms/AIP-UL-Webinar-Feedback Slide deck Attached below AIP 6 Part Series: NOTE: We are currently experiencing a problem with many of these recordings. The links that do not work have been temporarily removed until the problem is resolved. We are working to resolve the problem as quickly as we can. Thanks for your patience. Recordings of most of the sessions can be found at https://aka.ms/SecurityCommunityFiles. Update: Several people requested the slide decks, so we have attached them. If you were unable to join us live, but have questions about something covered in the webinar, you can ask them at https://www.yammer.com/askipteam. To ensure you hear about future AIP webinars and other developments, make sure you've joined our community by going to https://aka.ms/SecurityCommunity. We hope you'll join us!
Azure ATP Webinar Recordings
Below are the links to the Azure ATP webinar recordings.
Time & Date | Topic | Link to the recording
July 15, 8:00 AM PT / 11:00 AM ET / 15:00 UTC | Detections part 2 of 2 | MP4 YouTube
June 24, 8:00 AM PT / 11:00 AM ET / 15:00 UTC | Unified SecOps Portal | MP4 YouTube
April 29, 8:00 AM PT / 11:00 AM ET / 15:00 UTC | Detections part 1 of 2 | MP4 YouTube
The slide decks can be found in the same folders as the MP4 files at https://aka.ms/SecurityCommunityFiles. You can sign up for forthcoming webinars at https://aka.ms/AATPWebinar.
Announcement: Office 365 Secure Score Released to Public Preview
Microsoft is pleased to announce the preview availability of a new security analytics service called the Office 365 Secure Score. The Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk. We think of it as a credit score for security. Our approach to this experience was very simple. First, we created a full inventory of all the security configurations and behaviors that our customers can do to mitigate risks to their data in Office 365 (there are about 77 total things that we identified). Then, we evaluated the extent to which each of those controls mitigated a specific set of risks and awarded the control some points. More points means a more effective control for that risk. Lastly, we measure the extent to which your service has adopted the recommended controls, add up your points, and present it as a single score. The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time. Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan. The Office 365 Secure Score is a preview experience, so you may find issues, and you will note that not all of the controls are being measured. Please share any issues on the Office Network Group for Security. You can access the Secure Score at https://securescore.office.com. The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached. 
No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way. Your Secure Score Summary The first, most important piece of the Secure Score experience is the Score Summary. This panel gives you your current Secure Score, and the total number of points that are available to you, given your subscription level, the date that your score was measured, as well as a simple pie chart of your score. The denominator of your score is not intended to be a goal number to achieve. The full set of controls includes several that are very aggressive and will potentially have an adverse impact on your users’ productivity. Your goal should be to optimize your action to take every possible risk mitigating action while preserving your users’ productivity. As mentioned, the Office 365 Secure Score is in a preview release. Over the coming months you will see us continue to add new controls, new measurements, and improvements to the remediation experiences. If you like what you see, please share with your network. If you see something we can improve, please share it with us on the Office Network Group for Security. We’re looking forward to seeing your scores go up, and making the Secure Score experience as useful, simple, and easy as it can be. Read More Here: https://blogs.technet.microsoft.com/office365security/new-security-analytics-service-finding-and-fixing-risk-in-office-365/
How to Create a Custom Slack Alert for Windows Defender ATP using Microsoft Flow in 5 minutes
MVP WDATP API Hackathon has just ended 2h ago and first outcome is blogged. If you like the following blog, please credit the author with a "like" here in tech community. https://azurementor.wordpress.com/2019/03/22/how-to-create-a-custom-slack-alert-for-windows-defender-advanced-threat-protection-atp-using-microsoft-flow-in-5-minutes/
Azure Active Directory Webinar Recordings
Below you will find links for the recordings of the Azure Active Directory webinar sessions in YouTube format. Note, these webinar recordings will be available roughly 2-3 weeks after each of the live webinars. Live links will be posted as soon as they are available. We will also post a pdf of the PPT used in each webinar as soon as we have that available. ALSO NOTE: COVID has delayed recordings of March and June sessions, but we hope to have those posted below by end of June / early July. Please also note: Depending on your Internet connection it may take up to fifteen seconds or so for the recording to start. Check in at our webinar community for FY21 updates: https://aka.ms/AADWebinarCommunity.
Date | Topic | Recording | PPT Presentation
March 5, 2020 | Your journey to passwordless (You will learn about options to minimize use of passwords today and how to work toward a passwordless future.) | YouTube Link
March 12, 2020 | Manage Partner Access with B2B (You will learn how to collaborate with your partners in a secure manner.) | YouTube Link
March 19, 2020 | Enable New Customer Experiences with B2C (You will learn how to enable new customer experiences with Azure AD B2C.) | YouTube Link
June 11, 2020 | Identity Governance for Modern Organizations (We will introduce tools to govern the lifecycle of user and guest identities in your Azure AD and Office 365 deployment.) | YouTube Link
June 18, 2020 | Getting started with Azure AD Reporting and Insights (You will learn how to Interpret Azure AD Logs, Integrate with your SIEM tools and Gather Insights about your Azure AD Service.) | YouTube Link
June 25, 2020 | Azure AD as the New Security Control Plane (You will learn how to assess and implement a modern approach to secure your organization identities with Azure AD.) | YouTube Link
2019 Recordings & PowerPoint Presentations
September 5, 2019 | Getting started with hybrid identity: Learn how and why to integrate your on-premises identities with Azure AD. | YouTube Link
September 12, 2019 | Integrating your applications with Azure Active Directory: Learn how integrating your line of business and SaaS apps using Azure Active Directory enables advanced security, single sign-on, and convenience for you and your users. | YouTube Link
September 19, 2019 | Take your apps to the next level with provisioning: Simplify identity lifecycle management with Azure AD automatic user and group provisioning for SaaS applications. | YouTube Link
October 3, 2019 | Upgrade your security with multi-factor authentication: Protect your users by leveraging Azure AD and 3rd party multi-factor authentication. | YouTube Link
October 10, 2019 | Starting your journey to Zero Trust with Conditional Access & Identity Protection: Today's cloud technology and mobile workforce challenged traditional approaches to security. Learn how to shore-up your environment by following zero trust methodologies and Azure AD technologies. | YouTube Link
October 17, 2019 | Empower your users with better IT scalability: Learn how Azure AD enables your users to reset their passwords securely and manage their own security and allows you to scale IT management of groups. | YouTube Link
Thanks for watching and please feel free to share these links!
Join Our Security Community
We want you to speak directly to our engineering teams. We believe that the best way to improve our security products is by having no barriers between you and the people that create them. That's why we need your participation in our security community. As part of our community you can influence our products and get early access to changes by participating in private previews, giving feedback, requesting features, reviewing product roadmaps, joining webinars and calls, or attending in-person events. Join Us To join our community, click here, and then click the join button and the heart icons of the groups you are interested in, as pictured below. Additional Security Groups Here's a list of other security-related groups you may want to join. Azure Azure Security Center Azure Security and Identity Azure Sentinel Enterprise Mobility + Security Azure Advanced Threat Protection and ATA Azure Information Protection Microsoft Cloud App Security Internet of Things Azure Security Center for IoT Microsoft Graph Security API Security, Privacy & Compliance. Windows Defender Advanced Threat Protection Find Us on LinkedIn We have a general discussion group on LinkedIn called the Microsoft Security Community, where I announce highlights from this site. Please join the group and feel free to connect with me. Webinars and Calls Several of our product teams hold regular webinars or calls where they introduce the product, do a deep dive, preview forthcoming features, gather feedback, and answer questions. Registration links are posted below:
Product | Next Webinar | Recordings of Past Webinars
Azure Security Center for IoT | 8/5/2019: Introduction | https://aka.ms/ASCIoTRecordings
Azure Advanced Threat Protection | TBD | https://aka.ms/AATPRecordings
Azure Sentinel | TBD | http://aka.ms/AzureSentinelRecordings
Azure Information Protection | TBD | https://aka.ms/AIPRecordings
Microsoft Cloud App Security | TBD | https://aka.ms/MCASRecordings
Security Intelligence Report | TBD | https://aka.ms/SIRRecordings
Customer Advisory Council (CAC) We periodically select customers to be part of our Customer Advisory Council (CAC). We form a close relationship with these organizations, inviting them to exclusive, in-person events and giving them access to non-public roadmaps and information. CAC members give in-depth feedback on our products and consequently exert a great deal of influence on our plans, priorities, and designs. Part of our criteria for choosing CAC members is how active they are in this community. If you would like to be part of our CAC, join our community, participate heavily, and then reach out to me. Submit Feature Requests In addition to engaging us in the ways listed above, you can also submit and vote on feature requests at https://microsoftsecurity.uservoice.com. We hope to hear from you soon!
Welcome to the Azure Purview tech community!
Azure Purview is a fully-managed, serverless, PaaS unified data governance service to maximize business value of data. Manage and govern your on-premises, multicloud, and software-as-a-service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Empower data consumers to find valuable, trustworthy data. To ramp-up quickly, we suggest you visit the Azure Purview product page. Get started with Azure Purview documentation and view the Mechanics video to see Azure Purview in action and give us your feedback via UserVoice. Have a question, comment, or request? Post it right here. The Azure Purview team.
Automate response with Defender ATP and Microsoft Flow
Another cool product of the MVP Summit Hackathon by Stefan Schörling. Step by step blog will guide you in how to automate responses with MDATP Flow connector. Don't forget to show your love. Use the like button here and share your feedback in this conversation. http://blog.sec-labs.com/2019/04/automate-response-with-defender-atp-and-microsoft-flow/
Welcome to the Virtual Ninja Show’s Ninja Cat giveaway!
We are so excited to announce there will be NINE opportunities across Season 3 of the Ninja Show to earn your very own plush ninja cat and give it a new beloved home and we have many plush ninja cats looking for a new home! It works like this: for each episode there is a task to accomplish related to the topic in that show. You can complete each episode’s task for an opportunity to win! When you receive a LIKE on your response (from me, Heike) make sure you check your messages here in Tech Community for a message (from me, Heike) with next steps. If you do not receive a like, don’t worry - come back and keep trying! For each episode, you have a new chance to win a kitty! Though we do limit one ninja cat per person, please! Click on any episode conversation below to access the various tasks! Episode specific conversations will be posted after their live broadcast is finished. Once you’ve submitted your response, and received my like, I will reach out for the last few details to get your ninja cat on its way! P.S. You have time to put your raffle ticket in the basket (for any episode) until April 14th!
Episode 2 | Mastering email authentication and slashing overrides: Part 2 (March 9th 9 AM PT)
Episode 3 | Microsoft Sentinel Integration (March 14th 9 AM PT)
Episode 4 | Defender Experts for Hunting Overview (March 16th 9 AM PT)
Episode 5 | Mobile Threat Defense (March 20th 9 AM PT)
Episode 6 | SaaS security posture management (SSPM) (March 21st 9 AM PT)
Episode 7 | Defender for Identity and Defender for Endpoint: Better Together (March 23rd 9 AM PT)
Episode 8 | Get to know Microsoft Defender Vulnerability Management Premium (March 27th 9 AM PT)
Episode 9 | Attack disruption (March 29th 9 AM PT)
Episode 10 | Identity Threat Detection and Response (March 30th 9 AM PT)
Good luck! Heike and the Ninja Show crew
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
Join Our Security Community
We want you to speak directly to our engineering teams. We believe that the best way to improve our security products is by having no filter between you and the people that create them. That's why we need your participation in our security community. As part of our community you can influence our products and get early access to changes by participating in private previews, giving feedback, requesting features, reviewing product roadmaps, joining conference call discussions, or attending in-person events. Join Us To join our community, click here, and then click the join button and the heart icons of the groups you are interested in, as pictured below. Additional Security Groups Here's a list of other security-related groups you may want to join. Azure Azure Security Center Azure Security and Identity Enterprise Mobility + Security Azure Advanced Threat Protection and ATA Azure Information Protection Microsoft Cloud App Security Microsoft Graph Security API Security, Privacy & Compliance. Windows Defender Advanced Threat Protection Find Us on LinkedIn We have a general discussion group on LinkedIn called the Microsoft Security Community, where I announce highlights from this site. Please join the group and feel free to connect with me. Customer Advisory Board (CAB) We periodically select customers to be part of our Customer Advisory Board (CAB). We form a close relationship with these organizations, inviting them to exclusive, in-person events and giving them access to non-public roadmaps and information. CAB members give in-depth feedback on our products and consequently exert a great deal of influence on our plans, priorities, and designs. Part of our criteria for choosing CAB members is how active they are in this community. If you would like to be part of our CAB, join our community, participate heavily, and then reach out to me. If you are a member, you can find our private CAB group here.
Note that in order to access this group, you will first have to join our public groups using the instructions above, and then contact us to be added to the private access list. Conference Calls Several of our product teams hold regular conference calls where they preview forthcoming features, gather feedback, and host discussions. Many of these allow you to join private previews. Meeting invitations are posted on the product spaces within the communities. Contact me if you would like to join the calls and cannot find what you are looking for. Submit Feature Requests In addition to engaging us in the ways listed above, you can also submit and vote on feature requests at https://microsoftsecurity.uservoice.com. We hope to hear from you soon!
MCAS Webinar Recordings
Below are the links to the recordings of the MCAS webinar sessions (registration here: https://aka.ms/MCASWebinar). The links are the same ones used to join the webinar, which is why we can post them before the webinars have taken place. NOTE: We are currently experiencing a problem with many of these recordings. The links that do not work have been temporarily removed until the problem is resolved. We are working to resolve the problem as quickly as we can. Thanks for your patience. If you were unable to join us live, but have questions about something covered in the webinar, you can ask them at https://aka.ms/MCASQandA, or, as always, feel free to make a post on this MCAS Tech Community group with your question. To ensure you hear about future MCAS webinars and other developments, make sure you've joined our community by going to https://aka.ms/SecurityCommunity. We hope you'll join us!
YARA rule support
Hi everybody, I'm curious if Microsoft is planning to support YARA rules. I think that this will become even more important in the future. I found this very old thread from 2019, where this question was asked from other folks: IS MS looking to support custom YARA rules for Windows Defender ATP - Microsoft Tech Community Unfortunately, it looks like that nothing happened so far. Best regards Stefan
Azure AD group-based license management for Office 365 and more
This looks awesome - simplify licence management for Office 365, EMS, Dynamics 365 and more with the https://blogs.technet.microsoft.com/enterprisemobility/2017/02/22/announcing-the-public-preview-of-azure-ad-group-based-license-management-for-office-365-and-more/: Microsoft cloud services such as Office 365, Enterprise Mobility + Security, Dynamics CRM, and other similar products require licenses to be assigned to each user who needs access to these services. Until now, licenses could only be assigned at individual user level, which can make large-scale management difficult for our customers. We have introduced a new capability of the Azure AD license management system: group-based licensing. It is now possible to assign one or more product licenses to a group. Azure AD will make sure that the licenses are assigned to all members of the group. Any new members joining the group will be assigned the appropriate licenses and when they leave the group those licenses will be removed. This eliminates the need for automating license management via PowerShell to reflect changes in the organization and departmental structure on a per-user basis. Here is the documentation with the steps to get started - https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-whatis-azure-portal
RSS feeds to security blogs?
Hello, After the update of blogs here I no longer see any RSS feeds or links. Where can those RSS feeds be found now? It was the only newsfeed where blogs could be aggregated. Perhaps I'm just blind :) but I can't find the new RSS feeds. Thank you! Previously (before this week's update) the links to those RSS feeds were as follows:
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSecurityandCompliance
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Identity
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=CoreInfrastructureandSecurityBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=AzureNetworkSecurityBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=IdentityStandards
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftThreatProtectionBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderCloudBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderATPBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderIoTBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderExternalAttackSurfaceMgmtBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Vulnerability-Management
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderThreatIntelligence
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSecurityExperts
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=Microsoft-Security-Baselines
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftSentinelBlog
https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderforOffice365Blog
The final push to GA "Azure AD in new Azure Portal": We need your help!
Hello folks, We're making our final push to the General Availability of "Azure Active Directory in the new Azure Portal", and we need your help to make sure it is great for you. As Alex Simons shared: "Last September we shared the first preview of the new administration experience for Azure Active Directory in the new Azure portal. Since then, we’ve added lots of new functionality, including reporting, app management, conditional access, B2B, and licensing. Many of you are using the new experience regularly – in fact, over half a million of you are using it, from almost every country in the world, with usage increasing by about 25% each month. We appreciate all your positive feedback, and love the constructive feedback that’s helped us make an even stronger product. But there are still a LOT of you using the old portal. Late last week we turned on another set of feature updates, and the new experience now has all of the features identity admins frequently use. With that update, we’ve entered our final push to GA the UX in the next ~60 days. And that’s where we need your help: We need everyone to move over to using the new portal for production tasks so we can uncover any last minute lingering issues." Please, do read Alex's blog post for more details and send us your feedback in the ‘Admin Portal’ section of our feedback forum. Let us know what you think!
[MDE] Add the important feature, Yara rules if possible
Hi, Refer to this advisory (first link). In addition, you can see that there are Yara rules from GitHub (inside pdf). (2nd link) All EDR/XDR companies (except Microsoft) already have features and a Yara rule configuration for the incident responders to detect. The method of adding and detecting Yara rules has been in practice across companies for many years. Would you mind advising on any reason why not adding the important feature, Yara rules? It would be good if you include the important feature, Yara rules. If not, would you mind advising on converting from Yara rules to MDE query for querying via advanced threat hunting? Thanks much appreciated. 🙂 https://www.csa.gov.sg/singcert/Advisories/ad-2021-007 This link is the Yara rule. https://github.com/Neo23x0/signature-base/blob/master/yara/apt_cobaltstrike.yar https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/yara-rule-support/m-p/2276820
MUST be able to delete duplicate/orphaned devices from M365 Security Center
Good morning, I am about 2-3 weeks into evaluating Microsoft Defender for Endpoint, and so far have about 4 Windows 10 devices onboarded and managed through Intune policies. One of the test machines was a fairly fresh build (1903) of Windows 10 when it was onboarded. As such it generated over 900+ vulnerabilities in TVM. However, during the course of the next day or two as it got itself patched all the way to 20H2 it then for some reason generated a duplicate device in the M365 portal - with exactly the same Device AAD id - currently both the "old" and "new" devices are showing as Active 5 days later. So first of all, this is a nightmare that the duplicate device was created in the first place with the same Device AAD id - so what happens when one of my customer's networks gets upgraded with 500 Windows 10 devices from version X to 20H2 - are there going to be 500 duplicate devices created??? I read lots of articles yesterday about people seeing this issue as far back as 2018 where they just need to be able to lance out a given machine or machine(s) for whatever reason from the database to keep everything tidy. I spent hours looking for a solution. We have a 180 day Retention period set. I'm not waiting 6 months for my database to clean itself up due to a bug in the platform, you've got to be kidding! Given that this has happened after only onboarding 4 devices it's not leaving a good taste in my mouth. And how do I explain this to my customers???? The real problem however is the severe impact this has on the TVM reporting. As I mentioned, the machine patched itself without issue all the way to 20H2, as such all 900+ vulnerabilities have been addressed - like literally *all* of them. However, when I look at any Dashboard in Threat & Vulnerability Management the stats are all completely skewed due to this device's statistics still being accounted for.
Given the VALUE of the TVM data, which I think is BRILLIANT - to have the CONTEXT skewed due to this duplicate device bug but most importantly the lack of basic functionality to remove an orphaned machine to tidy things up is completely unacceptable. As the Administrator of my own estate (and my customers' estates) I should be able to have the final say in terms of a judgement call on what devices should be listed in the portal. Waiting for a device to be Inactive for 6 months to have its clean-up routine run by the platform automatically isn't acceptable. The Offboarding script workaround I've been reading about isn't going to cut it either, so please don't suggest it. I tried it using the API explorer method and running the local Offboarding script on said machine yesterday. Neither method worked as both devices 18 hours later are still showing in the portal. This method also doesn't account for machines that (for whatever reason) will not be able to contact the portal to Check In and receive the Offboarding command. (Lost device, test device, corrupt device, BYOD - the list goes on) So...... Microsoft - please, please, please, please - can we get a Delete button against the device actions menu so that we can clean up our estate and keep our TVM figures accurate - otherwise, what is the point of any of the statistics and recommendations displayed if you can't/have already acted on them?? So when senior management ask, What's our posture? The answer would unfortunately still be, "Dunno." Thank you.
Solved
34KViews
11likes
18Comments
Events
We begin our webinar series with a review of the latest IDC whitepaper on secure access strategies for the AI era. The document examines how organizations are focusing on integrating identity and net...
Tuesday, Oct 07, 2025, 08:30 AM PDTOnline
0likes
180Attendees
0Comments