Forum Discussion
Ninja Cat Giveaway: Episode 2 | Mastering email authentication and slashing overrides: Part 2
For this episode, your opportunity to win a plush ninja cat is the following -
Reply to this thread with: Did you spot ninja cat throughout the episode? Mention your favorite on-screen ninja cat appearance in this episode along with one thing you’ve learned from this episode of the Ninja Show!
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
- NGraebe (Copper Contributor)
Thank you for the brilliant video. I saw a cat in the advanced hunting dashboard. Very cool: the KQL query to see a list of messages and the used Exchange transport rule, the threat type and the OrgLevel action. Very nice.
- Sidiaw (Copper Contributor)
The Ninja Cat appears on Paul's shoulder. One thing I learnt is to be more cautious using the Allow List. I will review what we currently have in our Allow List and try to reduce the number of items on that list.
- nickydewestelinck (Brass Contributor)
Ninja Cat appeared on HeikeRitter's shoulder, but it looked like it was scared of something! Oh no a big dog is chasing Ninja Cat!! Run Ninja Cat, Run!! It seems like Ninja Cat got away from the dog by abseiling from Paul's ceiling, but it's still not relaxed and hiding behind one of Paul's art frames. Don't be afraid buddy, we all got your back!
I learned that adding email addresses, domains, or IP addresses in your whitelist for bypassing spam is so 2000 and a no-go! It will override the antiphishing protection you have.
Implement Microsoft 365 Defender for Office 365! Also seen some nice things with KQL; because I'm not really familiar with it, it's great to see what it can do.
Thanks for the nice work you all put in to make this content available! Keep up the good work!
- foudendorp (Copper Contributor)
The Ninja cat showing up at 16:15 behind the tab (Inspect Records) in Advanced Hunting looking for some nice KQL.
That's also my learning from this one - there are some useful KQL queries on the learn pages that you can use in customer environments to see how they can improve 💪
- KarelPelckWortell (Copper Contributor)
Ninja cats all over the place! But my favorite has to be the one coming down by the rope. Good to get another confirmation about never to whitelist or bypass the filters. The better way is to augment your email trust score by implementing DKIM, SPF and DMARC in my opinion. As a consultant we tend to fall back on "it depends" but I might just reference this video in the future.
Thx!
- GorillaBearWolf (Copper Contributor)
I spotted one sweeping up at the end of the episode, I guess ninja cats have to pitch in as well! Learning how to check overrides with advanced hunting will be very helpful in my organization.
- cygeo16 (Copper Contributor)
HeikeRitter Thank you Heike and Paul! Loved ninja cat popping up during the entire show but was great when it appeared on AH when the Cat1 transport rule was mentioned: "Did someone say cat? I'm here!" It was great to hear that even with an entry on the allow list, emails still get scanned and blocked if malware or high confidence phish is detected.
- timbeau (Copper Contributor)
I like the cat who was hiding behind the painting at 7:08.
In general, a very nice tutorial especially since it is spoken very clearly and therefore easy to understand, even for non-native speakers.
I learned some great things. I like the detection of the overrides with KQL (and also the short aka link)
- Yaro79 (Copper Contributor)
Like the Ninja Cat going down the rope and jumping with the pencil 🙂 Thank you for putting this together. I have been thinking to fill my "Email Authentication" knowledge gap for a while now. Material is good, short and to the point. Reference to additional articles is also very useful. Thank you one more time!
- _Herve_ (Microsoft)
Thank you Heike and Paul for this episode and in general for the initiative.
The ninja cat who makes pole vault with a pencil on Paul's frame made me laugh.
What I learned is the capability to use Trusted ARC Senders in addition to SPF, DKIM and DMARC.
Great job!!!