Mar 30 2023 09:17 AM - edited Mar 31 2023 01:10 AM
For this episode, your opportunity to win a plush ninja cat is the following –
Our season finishes here! After learning about this last topic, tell us your thoughts on the Microsoft 365 Defender approach to ITDR.
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
Mar 30 2023 09:27 AM
Mar 30 2023 09:39 AM
Mar 30 2023 02:32 PM
@HeikeRitter I Really like the ITDR. Its nice to have a place to look at all the logins, the risk score, and why they scored high. If you do spot a true positive risk for a user you need to be able to quickly disable their AD account and you can do it within a few clicks, it really makes the ITDR portal of great value. Thanks for the great info!
Mar 31 2023 01:49 AM - edited Mar 31 2023 06:09 PM
Hey@HeikeRitter
The ITDR module is one of the important components when it comes to M365D, the ITDR helps us to prioritize things, add more context and gives us a timeline of the things. Whenever an incident occurs, the first thing anyone would be checking is:
"What is happening?"
"Who is the user associated?"
"What are the devices associated?"
and able to answer them all via the ITDR portal is so helpful.
Corelating many alerts, automating them and finally combining them to an incident and giving them a risk level score is one of the components I like, and this helps analysts when it comes to Proactive hunting.
Also @HeikeRitter and team, loved all the episodes, Keep'em coming. Looking forward.
Best,
Praveen A
Mar 31 2023 03:46 AM
Apr 02 2023 02:47 PM - edited Apr 02 2023 02:53 PM
I want to reach out and express my gratitude for the Virtual Ninja Training. The shared insights and expertise in the different area's of Microsoft products have been incredibly valuable to me and I'm sure to many others who watched the training.
I believe that the Microsoft 365 Defender approach to ITDR is comprehensive and proactive, providing organizations with the tools they need to protect against a range of identity-related attacks. The solution's focus on identity protection is especially critical given the increasing prevalence of identity theft and fraud in today's digital landscape.
Apr 03 2023 01:46 AM
SolutionApr 04 2023 04:46 AM
Apr 05 2023 10:53 AM
Apr 10 2023 11:46 AM
@HeikeRitter thank you and the Defender Tech Community team for the past season of the Ninja Cat Show! It has been a thrill to watch it.
My thoughts on the Defenders ITDR-approach from an operator standpoint are how simple it is to first set up for the whole organization and gain valuable insight into the identity risk brought by either a rogue user or stolen credentials. ITDR enriches the identity data in an abnormal situation involving any sort of identity, no matter if it's an actual user, shared mailbox, service account or anything else in cloud, on-prem or external. Risk scores are also a very nice way to display how the user is regurarly acting and if there is some big variance all of a sudden.
Apr 11 2023 12:05 PM
Microsoft 365 Defender approach to ITDR
ITDR :- It provides the amazing integration and automation between Identity providers (identity admin-covering MS & non-MS solution providers) and identity protection (SOC- analyst)
It helps in solving the biggest problem in the identity space during attack eg. Along with taking right remediation with the Defender solution , there is detailed investigation on the attack can be done through SOC which provides the critical details of attack.
Apr 12 2023 06:41 AM
Apr 03 2023 01:46 AM
Solution