azure active directory
11 Topics
- What's new and What's learning period in Microsoft Defender for Identity.
  In this blog post, I will explain an advanced settings capability available in Microsoft Defender for Identity, which will help security admins in evaluating the product and tweaking the sensitivity level of the alerts. What's Learning Period in MDI? What are the latest enhancements added to that feature? https://www.linkedin.com/pulse/whats-new-learning-period-microsoft-defender-identity-elie-karkafy
- Upcoming Webinar Series: ITDR
  Update: the recordings of the webinar series ITDR can be found here; please scroll down to "MICROSOFT DEFENDER XDR".

  The Microsoft POC as a Service (POCaaS) Program is a unique service available to our customers to help evaluate and try out our security offerings; we deliver these on a regular basis to customers around the world. They provide a fully managed test environment where customers can get hands-on experience with some of our core security products. Namely, Microsoft Defender for Identity, Defender for Endpoint, Defender for Cloud Apps, Defender for Office 365, and Sentinel. In addition to the hands-on elements of the service, one of our subject matter experts delivers a deep dive workshop for the relevant service, showcasing its end-to-end capability and providing full education on the product.

  With this, we are thrilled to announce a new webinar series where we will take the workshop materials from each of our POCaaS programs, share best practices and provide education on each of the products we cover.

  What to Expect
  The webinar series will take the educational content from our POC offerings and condense it into multipart 1-hour webinars. We will start with a four-part webinar series with Chris Ayres to guide you through ITDR, Identity Threat Detection and Response.

  Session 1: ITDR Introduction and Prevention Capabilities | April 23, 09:00 AM PST
  Hear Microsoft's Incident Detection and Response (ITDR) story and understand its critical role in today's dynamic threat landscape. Explore the significance of prevention and adaptive controls.

  Session 2: Detection | April 24, 09:00 AM PST
  Discuss the imperative need for robust detection capabilities against advanced identity attacks, whether identities reside on-premises, in hybrid environments, or in the cloud, and discover the comprehensive solutions Microsoft offers to safeguard your entire identity estate effectively.

  Session 3: Investigation and Hunting | April 30, 09:00 AM PST
  Learn to empower your SOC with deep visibility into identity entities, context, and telemetry and understand how this capability streamlines efficient investigation and incident triage.

  Session 4: Response | May 1, 09:00 AM PST
  Gain insights into native response capabilities seamlessly integrated into the SOC workflow. Learn how to leverage them to effectively respond to identity-related attacks and remediate issues within your environment. We will finish off with a short view on how you can best evaluate the products.

  Save the Date
  Reserve your spot for any session or the entire series on the Microsoft Security webinars page: Microsoft Sentinel & Defender XDR Security Public Webinars

  Don't miss this opportunity to learn directly from our experts and have your questions addressed. We look forward to your participation!

  2.1K Views, 4 likes, 2 Comments
- MDI and multi-tenancy
  Hi,

  We have the following setup:
  Developer Azure Tenant and developer on-prem domain (sync'ed via AADConnect)
  Production Azure Tenant and Production on-prem domain (sync'ed via AADConnect)

  We would now like to start using MS Defender for Identity. Can we install the MDI sensor on all domain controllers (in both Developer and Production on-prem domains) so that they all report to the same MDI Portal running in the Production Azure Tenant?

  Thank you,
  SK

  992 Views, 0 likes, 3 Comments
- Best practice for Microsoft Defender for Identity
  Dear Team,

  I have installed Azure ATP Sensor for MDI in the domain controller (AD) already, but I don't know the best practice on how to configure it in MDI. Could you help to share best practices to configure MDI?

  Best Regards,
  Ravoth

  3.1K Views, 0 likes, 3 Comments
- ATP Sensor failed upgrade to 2.198.16173.18440 on Win2012
  Hi all,

  I have a customer running multiple AD Domain Controllers on Windows Server 2012, 2016 and 2019. ATP sensor version 2.197.16100.44617 was working fine, but a few days ago it started an automatic upgrade to 2.198.16173.18440, and the new sensor service "Azure Advanced Threat Protection Sensor" cannot start. The Application event log also shows a variety of error messages from source 'Perflib'. This is new, as the 2012 domain controllers were working fine and had no errors in the Application log prior to the ATP Sensor upgrade. Has anybody experienced the same issue?

  PS1: the new ATP sensor version on Windows 2016 and 2019 domain controllers works fine.
  PS2: Windows 2012 servers running January and February patches.

  -Ruslan

  Solved, 3K Views, 0 likes, 10 Comments
- SAM-R
  Hello all,

  I'm trying to understand why I need to configure the GPO in the below document. Is this required for MDI to be able to detect lateral movement? Also, what is the default setting on a 2016 and 2019 DC? Does it allow any account to perform SAM-R queries?

  https://docs.microsoft.com/en-us/defender-for-identity/install-step8-samr

  Solved
- How to secure the modern workplace with Microsoft 365 Advanced Threat Protection
  Hi community,

  I was involved in a big implementation of Azure ATP, Office 365 and Windows ATP in a large enterprise with thousands of users across 60+ countries around the globe. I also provide consulting to many enterprises when it comes to cloud security.

  I noticed that organizations and businesses do not get the big picture when it comes to all the security features available in Azure and Microsoft 365, with all the new updates and the zero trust network approach. There are just a lot of services and it is hard to understand how to build and re-imagine a new defense in depth strategy for organizations moving to the cloud.

  So, I put together this blog post and video, illustrating and showing how to think of security in the modern workplace utilizing all the security features in Azure AD, Office 365 and EMS E5. I do not want to sound like a marketing post for my blog post, but I would love to share my thoughts and engage in conversation with the community about this subject.

  Here is the https://blog.ahasayen.com/secure-modern-workplace-with-microsoft-365-advanced-threat-protection/, and https://youtu.be/3pVRmaxNPJs I recently made. Please tell me if this makes sense, and let me know if you have further questions.