TanTran
25 Topics

Microsoft Defender for Endpoint Commonly Used Queries and Examples
Sometimes you forget a few lines of an "Advanced Hunting Query" you need in Microsoft Endpoint Protection (Microsoft Defender ATP). The following cheat sheet of commonly used MD ATP queries may help jog your memory; it also comes with examples.

Microsoft Defender for Identity - Azure ATP Daily Operation
Trace threats related to Skeleton Key attacks, Golden Ticket usage, Remote Execution attempts, Rogue DCSync attacks, Identity Theft... by using your MS Defender for Identity portal as part of your daily security monitoring and response. Also look into the proactive remediation plan and action progress by using the MS Defender for Identity tool.