threat hunting
226 Topics

Azure Sentinel To-Go (Part 1): A Lab w/ Prerecorded Data 😈 & a Custom Logs Pipe via ARM Templates 🚀
In this post, I show you how to use ARM templates to deploy an Azure Sentinel solution and ingest pre-recorded datasets via a Python script, Azure Event Hubs and a Logstash pipeline.

Ninja Cat Giveaway: Episode 3 | Sentinel integration
For this episode, your opportunity to win a plush ninja cat is the following - Reply to this thread with: what was your favorite feature Javier presented? Oh, and what does UEBA stand for? This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted, and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.

MITRE ATT&CK Coverage
Morning from the UK! I am trying to better understand how Defender \ Sentinel protect against the MITRE ATT&CK framework. I am particularly interested in mapping to the tactics \ techniques that tools such as Bloodhound and PingCastle highlight for Active Directory \ Azure Active Directory, but am struggling to see what is available in the product and what is still on the roadmap: https://www.pingcastle.com/PingCastleFiles/ad_hc_rules_list.html In terms of what coverage exists within a Tenant, I know there are improvements planned in the roadmap to the current MITRE coverage in Microsoft Sentinel, but is there any way that I could use a Graph query to get what is currently covered?

Ninja Cat Giveaway: Episode 4 | Defender Experts for Hunting Overview
For this episode, your opportunity to win a plush ninja cat is the following - Reply to this thread with:
- How would YOU explain/describe Defender Experts for Hunting to someone?
- Also, in your own words: what is threat hunting?
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted, and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
Solved

Ninja Cat Giveaway: Episode 7 | Defender for Identity and Defender for Endpoint: Better together
For this episode, your opportunity to win a plush ninja cat is the following - Tell us about an alert that started either from Defender for Endpoint or Defender for Identity and what additional information from the other product (Defender for Endpoint or Defender for Identity) helped you get more details about that alert. Or share your favorite KQL query with tables from both products. This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted, and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.

Boost your Security Posture with a New Password Spray Detection Alert in Microsoft 365 Defender
Microsoft Defender alert policies are crucial for organizations to monitor and detect suspicious activities that may lead to cyber-attacks and data loss. These prebuilt policies help forensic investigators, security teams, and IT admins detect and respond to potential threats promptly in their organization. What's new? Microsoft has introduced a new alert to detect 'Password spray attack originating from single ISP'. This new alert is absolutely a game-changer in cybersecurity, providing an additional layer of security to defend against such attacks. By identifying possible indicators of password spray attacks, organizations can take proactive measures to prevent potential breaches. Check out the blog to learn more about how to identify the possible indicators of password spray attacks and the remediation actions: https://blog.admindroid.com/password-spray-attack-detection-with-new-microsoft-365-defender-alert/

Query for file hashes in MDE portal
Hello! My organization is new to Microsoft Defender for Endpoints. I'd like to be able to threat hunt for IOCs in the form of IPs, URLs and, naturally, file hashes. Can someone direct me to the proper syntax for file hashes? For instance, if I have a list of 30 MD5 hashes. Thank you. I've googled and see some mentions, but nothing that gets me all the way there.
Solved