Microsoft Security Experts Blog
858
Catch Defender Experts for Hunting on the Ninja Show
Elisa_Lippincott on Mar 14 2023 04:33 PM
Join us on March 16, 2023 at 9:00am PT or watch later on-demand
26.6K
Total Identity Compromise: DART lessons on securing Active Directory
mzorich on Feb 28 2023 01:22 PM
8,521
Good UAL Hunting
EmilyParrish on Jan 18 2023 09:31 AM
In this blog post, we will be taking a deeper dive into the Office 365 Unified Audit Log (UAL).
2,677
NEW SERIES: Security Experts Roundtable coming January 25, 2023
BrookeLynnWeenig on Dec 19 2022 12:01 PM
Introducing our newest webinar series within Microsoft Security.
1,411
How to Set Security Budget and Controls to Identify Threats Faster
BrookeLynnWeenig on Dec 08 2022 09:00 AM
Lauren Podber offers recommendations for how organizations can build security controls and budgets.
9,134
Microsoft Defender Experts for XDR now in preview
Elisa_Lippincott on Nov 22 2022 08:22 AM
We are excited to announce that Microsoft Defender Experts for XDR is now officially in preview.
4,119
Using Microsoft Security APIs for Incident Response - Part 2
TroyLainhoff on Nov 01 2022 09:00 AM
This blog is part two of a three-part series focused on facilitating programmatic data pulls from Microsoft APIs.
39.5K
Forensic artifacts in Office 365 and where to find them
EmilyParrish on Sep 26 2022 09:26 AM
In this article, we aim to provide some explanations and tips for investigators to use to be able to easily understand i...
3,743
Industry Expert Series: What keeps an AppSec CTO up at night?
BrookeLynnWeenig on Sep 15 2022 10:27 AM
Veracode Co-founder/Chief Technology Officer Chris Wysopal shares insights on app security and why automation should be ...
3,762
Industry Expert Series: Wireless Security- How to Better Protect Devices and Networks
BrookeLynnWeenig on Aug 22 2022 09:00 AM
Viszen Security Founder Jennifer Minella shares insights on wireless security and conditional access.
10.9K
Using Microsoft Security APIs for Incident Response - Part 1
TroyLainhoff on Aug 19 2022 11:04 AM
This blog series highlights ways you can leverage an Azure AD application registration and OAuth authentication to allow...
11.4K
Part 2: LockBit 2.0 ransomware bugs and database recovery attempts
Danielle_Veluz on Mar 11 2022 10:02 AM
In the previous blog post in this series, we provided background about our analysis of the LockBit 2.0 ransomware and de...
16.5K
Part 1: LockBit 2.0 ransomware bugs and database recovery attempts
Danielle_Veluz on Mar 11 2022 10:01 AM
Microsoft Detection and Response Team (DART) researchers have uncovered “buggy code” and critical inconsistencies in the...
22.8K
Leveraging the Power of KQL in Incident Response
Danielle_Veluz on Jan 04 2022 09:00 AM
In this blog, we’ll show you how the Microsoft Detection and Response Team (DART) uses the Kusto Query Language (KQL) to...
Latest Comments
Reza_Ameri in Total Identity Compromise: DART lessons on securing Active Directory on Mar 11 2023 12:30 PM
Thank you for sharing this valuable article. The real problem is on the practice, when we want to adapt these recommendations in the real-world it is not easy. Sometimes IT admins don't have time to read.
1 Likes
SystemEngineer in Total Identity Compromise: DART lessons on securing Active Directory on Mar 11 2023 03:06 AM
Thank you @mzorich for sharing such a great article summary, this really helps us to secure the environment better.
1 Likes
Ma-tth in Total Identity Compromise: DART lessons on securing Active Directory on Mar 01 2023 07:39 AM
@mzorich Thank you, this is a help for practical work, it explains the topics well and at the same time is a collection of important topics
2 Likes
Extreme775 in Part 2: LockBit 2.0 ransomware bugs and database recovery attempts on Jan 30 2023 11:32 AM
Hi @Danielle_Veluz, This is amazing! Can you share your code to extract the IV and Key code in c++? Thanks.
0 Likes
DCoombe1450 in Leveraging the Power of KQL in Incident Response on Jan 06 2023 10:18 AM
Awesome post. Is EventsWithinTimeframe() available on Microsoft's Github page as I couldn't find it.
0 Likes