cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Security Experts Blog
Options
6,687

Good UAL Hunting

EmilyParrish on Jan 18 2023 09:31 AM
In this blog post, we will be taking a deeper dive into the Office 365 Unified Audit Log (UAL).
2,264

NEW SERIES: Security Experts Roundtable coming January 25, 2023

BrookeLynnWeenig on Dec 19 2022 12:01 PM
Introducing our newest webinar series within Microsoft Security.  
1,050

​​How to Set Security Budget and Controls to Identify Threats Faster

BrookeLynnWeenig on Dec 08 2022 09:00 AM
​​Lauren Podber offers recommendations for how organizations can build security controls and budgets.
8,323

Microsoft Defender Experts for XDR now in preview

Elisa_Lippincott on Nov 22 2022 08:22 AM
We are excited to announce that Microsoft Defender Experts for XDR is now officially in preview. We are excited to annou...
3,685

Using Microsoft Security APIs for Incident Response - Part 2

TroyLainhoff on Nov 01 2022 09:00 AM
This blog is part two of a three-part series focused on facilitating programmatic data pulls from Microsoft APIs.
33.8K

Forensic artifacts in Office 365 and where to find them

EmilyParrish on Sep 26 2022 09:26 AM
In this article, we aim to provide some explanations and tips for investigators to use to be able to easily understand i...
3,404

Industry Expert Series: What keeps an AppSec CTO up at night?

BrookeLynnWeenig on Sep 15 2022 10:27 AM
Veracode Co-founder/Chief Technology Officer Chris Wysopal shares insights on app security and why automation should be ...
3,431

Industry Expert Series: Wireless Security- How to Better Protect Devices and Networks

BrookeLynnWeenig on Aug 22 2022 09:00 AM
Viszen Security Founder Jennifer Minella shares insights on wireless security and conditional access.
10.4K

Using Microsoft Security APIs for Incident Response - Part 1

TroyLainhoff on Aug 19 2022 11:04 AM
This blog series highlights ways you can leverage an Azure AD application registration and OAuth authentication to allow...
10.5K

Part 2: LockBit 2.0 ransomware bugs and database recovery attempts

Danielle_Veluz on Mar 11 2022 10:02 AM
In the previous blog post in this series, we provided background about our analysis of the LockBit 2.0 ransomware and de...
15.4K

Part 1: LockBit 2.0 ransomware bugs and database recovery attempts

Danielle_Veluz on Mar 11 2022 10:01 AM
Microsoft Detection and Response Team (DART) researchers have uncovered “buggy code” and critical inconsistencies in the...
21.6K

Leveraging the Power of KQL in Incident Response

Danielle_Veluz on Jan 04 2022 09:00 AM
In this blog, we’ll show you how the Microsoft Detection and Response Team (DART) uses the Kusto Query Language (KQL) to...

Latest Comments

Extreme775
in Part 2: LockBit 2.0 ransomware bugs and database recovery attempts on Jan 30 2023 11:32 AM
Hi @Danielle_Veluz, This is amazing! Can you share your code to extract the IV and Key code in c++? Thanks.
0 Likes
DCoombe1450
in Leveraging the Power of KQL in Incident Response on Jan 06 2023 10:18 AM
Awesome post. Is EventsWithinTimeframe() available on Microsoft's Github page as I couldn't find it.
0 Likes
KIEU_DUONG
in Part 2: LockBit 2.0 ransomware bugs and database recovery attempts on Dec 15 2022 06:02 AM
Dear Sir, Thanks you for your sharing. Can you sharing me your tools, I really need it. Pls let me know your condition! Thanks you!
0 Likes
TroyLainhoff
in Using Microsoft Security APIs for Incident Response - Part 1 on Aug 25 2022 07:13 AM
@PeterJ_Inobits great questions! based upon my personal experience you can indeed leverage APIs in PowerBI, but via individual account access instead of an OAuth application. In PowerBI Desktop you can Get data > OData feed, and then for the URL you can use "https://api.securitycenter.microsoft.com/...
0 Likes
JimLeary
in Using Microsoft Security APIs for Incident Response - Part 1 on Aug 20 2022 09:42 AM
@PeterJ_Inobits Make sure to check out the Defender Ninja series, and MS Challenges.
0 Likes