home.social

#microsoftsecurity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #microsoftsecurity, aggregated by home.social.

  2. Big Tech Unites to End Hacker Name Chaos with Unified Cyber Glossary.

    Microsoft, Google, CrowdStrike, and Palo Alto Networks are building a shared glossary of hacker group names to cut alias confusion and boost global cyber threat coordination.

    #CyberSecurity
    #HackerGlossary
    #ThreatIntel
    #MicrosoftSecurity
    #GoogleCybersecurity
    #CrowdStrike
    #PaloAltoNetworks
    #APTGroups

    Read the full article here: techi.com/tech-giants-unite-cy

  6. Microsoft Discovery Hour: Secure your future with the AI-first end-to-end security platform Event

    When: Wednesday, February 26, 2025, 1:00 – 2:00 PM Eastern Time

    msevents.microsoft.com/event?id=933...
    #microsoft #microsoftevent #microsoftevents #ai #microsoftsecurity #aisecurity #zerotrust #onlineevent #onlineevents #learning

  10. How MDTI Helps Power Copilot for Security

    A critical aspect of any security analyst's work is keeping up to date with the latest developments in the threat landscape. Copilot for Security allows users to make simple requests known as prompts to learn about threat actors, tools, indicators of compromise (IoCs), and threat intelligence related to their organization's security incidents and alerts.

    Below are three important scenarios the MDTI plugin on Copilot for Security helps teams with:

    ✔ The Reactive approach

    ➡ Emphasizes investigations and enhancing threat intelligence enrichment and additional context for the entities involved in the incident.

    ✔ The Proactive approach

    ➡ Emphasizing the ability to detect and address threats targeting organizations like mine. It uses threat intelligence to prioritize incidents, trace possible intrusions, and expedite mitigation of misconfigurations and vulnerable software, while simultaneously assessing the organization's impact and posture against specific threats.

    ✔ Keeping up with the latest threat intelligence Trends

    ➡ Detecting emerging threats by analyzing articles and trends, and subsequently disseminating relevant threat data.

    techcommunity.microsoft.com/t5

    #copilot #copilotforsecurity #securitycopilot #microsoftsecurity #microsoft #azure #cyber #cybersecurity #threatintellitence #ti #mdti #defender #defenderthreatintelligence #soc #investigation #cloudsecurity #ai #genai #generativeai #azureopenai #openai

  11. Become a Microsoft Defender Vulnerability Management Ninja

    We collected content with multiple modules. We will keep updating this training on a regular basis.

    Training content:

    ➡ Module 1 - Getting started

    ➡ Module 2 - Portal Orientation

    ➡ Module 3 - Prioritization

    ➡ Module 4 - Remediation

    ➡ Module 5 - Posture and Compliance

    ➡ Module 6 - Data access

    techcommunity.microsoft.com/t5

    #defender #xdr #vulnerability #management #vulnerabilitymanagement #microsoft #microsoftsecurity #soc #cve #azure #soc #mdvm #cyber #cybersecurity #tvm

  12. Security Copilot: the art of prompting for efficient security investigation summaries

    Security Copilot employs promptbooks—a series of user-input-driven prompts that analyze cybersecurity threats. Every interaction within Security Copilot, be it an individual prompt or a promptbook, generates a session. These sessions are storable and shareable within your workspace.

    Generating a summary within Security Copilot can vary in complexity and detail, influenced by how you craft your prompt.

    More details:

    techcommunity.microsoft.com/t5

    #ai #genai #security #copilot #securitycopilot #microsoft #microsoftsecurity #azure #xdr #soc #llm #cybersecurity #prompt #prompting #promptengineering #promptbooks #securityincident #hunting #triage

  13. Latest Defender EASM Features Increase Visibility and Enhance Querying for Faster Remediation

    Microsoft Defender External Attack Surface Management (Defender EASM) discovers and classifies assets and workloads across your organization's digital presence to enable teams to understand and prioritize exposed weaknesses in cloud, SaaS, and IaaS resources to strengthen security posture.

    Latest features added:

    ➡ Top 25 Common Weakness Enumeration (CWE) dashboard

    ➡ CISA Known Exploits dashboard

    ➡ Push notifications

    ➡ Software Development Kits (SDKs) for Java and JavaScript

    ➡ Discovery run improvements

    ➡ Filter editor redesign

    ➡ New attack surface insights

    techcommunity.microsoft.com/t5

    #defender #easm #ExternalAttackSurfaceManagement #microsoft #microsoftsecurity #threatintelligence #xdr #azure #cloudsecurity #soc #cert #cloud #cloudnative #cve #cwe #cisa

  14. Map Container Images from Code to Cloud with Defender for Cloud

    When a vulnerability is identified in a container image stored in a container registry or running in a Kubernetes cluster, it can be difficult for a security practitioner to trace back to the CI/CD pipeline that first built the container image and identify a developer remediation owner.

    With DevOps security capabilities in Microsoft Defender Cloud Security Posture Management (CSPM), you can map your cloud-native applications from code to cloud to easily kick off developer remediation workflows and reduce the time to remediation of vulnerabilities in your container images.

    techcommunity.microsoft.com/t5

    Details: learn.microsoft.com/en-us/azur

    #defender #cspm #CloudSecurityPostureManagement #devops #pipeline #codetocloud #container #vulnerabilities #Kubernetes #cnapp #cwpp #cloudnative #cloudsecurity #soc #microsoft #microsoftsecurity #azure #multicoud

  15. Defender Experts’ recommendations for impactful security posture management

    The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

    While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

    Top Configuration Recommendations:

    Defender for Office 365

    ➡ Restrict user ability to release emails from quarantine

    Defender for Endpoint

    ➡ Enable tamper protection

    ➡ Enable network protection in block mode

    ➡ Block untrusted and unsigned processes that run from USB

    ➡ Block JavaScript or VBScript from launching downloaded executable content

    ➡ Block executable content from email client and webmail

    Entra ID

    ➡ Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

    ➡ Require MFA for self-service password reset (SSPR)

    Defender for Identity

    ➡ Set a honeytoken account

    techcommunity.microsoft.com/t5

    #defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

  16. Exploring the new ITDR experience within Microsoft Defender

    The new ITDR dashboard is designed to provide SOC professionals with a single, prioritized view of Identity-specific security information and recommendations.

    For more information, see:

    techcommunity.microsoft.com/t5

    #itdr #defender #defenderxdr #identity #security #microsoft #microsoftsecurity #mdi #entraid #azuread #Identitythreatdetection #cloud #cloudsecurity #soc #cloudnative

  17. Manage your devices with ease using dynamic rules for device tagging in Microsoft Defender

    We are excited to announce that dynamic rules for tagging devices are now generally available. This feature enables security teams to create and manage rules that automatically assign and remove tags from devices based on user-defined criteria directly in the Microsoft Defender portal.

    Dynamic tags:

    - simplify tag management,

    - reduce manual efforts,

    - facilitate efficient device tracking,

    - simplify compliance by automatically categorizing non-compliant devices

    techcommunity.microsoft.com/t5

    #edr #xdr #defender #defenderxdr #microsoft365defender #endpoint #management #tag #device #compliance #microsoft #microsoftsecurity #soc #cloudsecurity #cloud #cloudnative

  18. How to templatize Microsoft Sentinel playbook

    Have you developed a Logic App playbook for Microsoft Sentinel and want to make it available to the community?

    Use the following tool to create a template. It's very easy and useful! 😊

    github.com/Azure/Azure-Sentine

    Demo: youtube.com/watch?v=scTtVHVzrQ

    #soar #sentinel #microsoftsentinel #playbook #automation #template #arm #azure #logicapp #microsoft #microsoftsecurity #cloud #cloudsecurity #ARMtemplate #github #soc #cyber #cybersecurity #json

  19. Get the e-book, The Path to AI: Pave the way for powerful cybersecurity AI with integrated XDR and SIEM

    You'll find information about:

    ➡ The Path to AI: how integrated XDR and SIEM can help organizations prepare for using generative AI cybersecurity tools such as Microsoft Security Copilot.

    ➡ The Challenges of Cybersecurity: the common problems that security teams face, such as increasing attacks, expanding attack surfaces, talent shortage, and tool complexity.

    ➡ The Benefits of Integrated XDR and SIEM: how combining XDR and SIEM can provide end-to-end visibility, speed, accuracy, and efficiency for security operations, as well as reducing costs and risks.

    ➡ The Potential of Generative AI: Microsoft Security Copilot, the first generative AI security analysis tool, and how it can amplify security operations with natural language prompts, insights, guidance, and predictions.

    ➡ The Next Steps to Take: explore deployment options and learn more about Microsoft’s SIEM and XDR solutions and Security Copilot.

    info.microsoft.com/ww-landing-

    #generativeai #genai #ai #xdr #siem #defenderxdr #defender #sentinel #soar #cybersecurity #cloudnative #cloudsecurity #security #copilot #securitycopilot #microsoft #microsoftsecurity #soc

  20. Introducing Microsoft Defender for Cloud Labs

    Our labs project helps you get ramped up with Microsoft Defender for Cloud and provides hands-on practical experience for product features, capabilities, and scenarios. The labs are divided into 3 main tracks, a beginner (level 100/200) and an advanced (level 300+) track. The labs contain several modules covering different pillars, from Cloud Security Posture Management (CSPM) to Cloud Workload Protection (CWP). To start using our labs, you will need to create an Azure Trial Subscription, which provides you with all capabilities for 30 days – so you have to finish this lab at this point to take advantage of the free trial.

    github.com/Azure/Microsoft-Def

    #defender #defenderforcloud #cnapp #cspm #cwp #cwpp #cloudsecurity #multicloud #azure #aws #gcp #microsoft #microsoftsecurity #soc #server #container #storage #dns #api #devops #database #api #github #arc #agentless #storageaccount #mde #vulnerability #mdvm #siem

  21. I really hate it when Microsoft Authenticator infrastructure gets too excitable, sends two requests *at once* and then you don't know which of the two codes to enter first 😡

    #microsoftsecurity #MicrosoftOneDrive #Microsoft_Teams

  22. I'd like to point out this really interesting article on the topic: Token Theft Talk.

    Key points and topics covered:

    - Primary Refresh Tokens (PRT) on all operating system platforms have been hardened against theft from day one. The level of protection depends on operating system capabilities, with Windows offering the strongest protection.

    - First line of defense against token theft is protecting your devices by deploying endpoint protections, device management, MFA (and moving towards phishing-resistant credentials), and antimalware.

    You can reduce token theft by carefully orchestrating Entra ID security products:

    ▶ Addressing token theft of sign-in session artifacts: Conditional Access: Token protection policy offers cryptographic protection against replay of stolen tokens.

    ▶ Addressing token theft of app session artifacts: block usage of stolen access tokens and workload cookies outside of your corporate network by using Conditional Access.

    ▶ Detecting token theft: enable risk detections with Microsoft Entra ID Protection to elevate user risk when token theft is suspected.

    techcommunity.microsoft.com/t5

    #microsoft #microsoftsecurity #entraid #azuread #azure #idp #token #tokentheft #cloudsecurity #identity #prt #cookies #identityprotection #mfa #cae #conditionalaccess #refreshtoken #token

  23. Become a Microsoft Unified SOC Platform Ninja

    We are bringing together Microsoft Sentinel and Defender XDR to deliver the most optimized and unified security operations platform.

    It's time to update with a new Ninja training. 🥋

    Note: The integration of Microsoft Sentinel into the Defender portal is currently in private preview,

    techcommunity.microsoft.com/t5

    #microsoft #microsoftsecurity #sentinel #microsoftsentinel #siem #soar #xdr #defenderxdr #soc #defender #azure #cybersecurity #training #hunting #automation #cloudsecurity #cloudnative

  24. Protect your organizations against QR code phishing with Defender for Office 365

    QR codes are used in phishing attacks for mainly two reasons:

    1️⃣ They move the attack away from well-protected corporate environments and onto the victim’s personally owned mobile device, which may be less secure.

    2️⃣ They leverage the most common credential theft vector which is the uniform resource locator (URL).

    How MDO detects QR Code phishing

    ➡ Image Detection in a message inline during mail flow

    ➡ Threat Signals

    ➡ URL Analysis

    ➡ Heuristics-based Rules

    To further increase protection, it is recommended to use:

    ➡ Extended Detection and Response (XDR): Microsoft Defender XDR provides comprehensive defense against advanced threats like QR code phishing.

    ➡ Mobile Protection: Microsoft Defender for Endpoint on Android and iOS includes anti-phishing capabilities that also apply to QR code phishing attacks, blocking phishing sites from being accessed.

    ➡ End-User Training: Defender for Office 365 customers can use Attack Simulation Training to educate their end users by simulating real-world phishing attacks and other types of cyber threats.

    techcommunity.microsoft.com/t5

    #qrcode #phishing #mdo #defenderforoffice #defender #xdr #edr #office365 #image #url #microsoft #microsoftsecurity #soc #cyber #cybersecurity #ast #usertraining #awareness #Quishing #cloudsecurity

  25. New use cases for Microsoft Security Copilot

    📣 The new use cases for Security Copilot now extend beyond investigations in your security operations center to support various security necessities for organizations seeking to strengthen their security against cyberthreats.

    ➡ Device management

    ➡ Identity management

    ➡ Data security

    ➡ Cloud security

    ➡ External attack surface management

    📣 Security Copilot is expanding into embedded experiences across various Microsoft Security solutions!

    microsoft.com/en-us/security/b

    #copilot #security #securitycopilot #llm #ai #genai #openai #microsoft #microsoftsecurity #cybersecurity #intune #purview #entraid #soc #xdr #siem #soar #cloud #cloudnative #cloudsecurity #sentinel #microsoftsentinel #cnapp #defenderforcloud #defender #easm #threatintelligence

  26. [Share] Azure Feeds Newsletter for the week of Saturday, December 02, 2023, to Saturday, December 09 2023

    This email is hitting subscribed user inboxes as we speak! (you can sign up here: newsletter.azurefeeds.com/join).

    There is a massive amount of amazing community updates this week, with the first week of the Festive Tech Calendar (festivetechcalendar.com/)!

    Note: This year, the Festive Tech Calendar Team are raising money for the Raspberry Pi Foundation! If you would like to donate to this foundation, make sure you check the Festive Tech Calendar givealittle page: justgiving.com/page/festive-te

    Includes Weekly #AzureUpdates, Latest #TechCommunity posts, latest #MicrosoftSecurity posts, posts from the #Azure and #TechCommunity, weekly updates on #AzurePolicy and #AzureArchitectureCenter and finally, recently released or modified Microsoft Learn content.

    clt1619647.bmeurl.co/10787541

    #mvpbuzz #microsoft #community #cloudfamily #azurenews #azureupdates #newsletter #azureweekly #AzureFeeds #Azure #MicrosoftLearn #sparkpossibility #cloudfamily

  28. Announcing new CNAPP capabilities in Defender for Cloud

    At Ignite 2023, we are excited to announce new innovations in Microsoft Defender for Cloud that will help security admins strengthen their CNAPP deployment, improve the cloud security posture through additional code to cloud insights, and protect cloud-native applications across multicloud environments in a unified solution:

    ➡ Unified insights from Microsoft Entra Permissions Management (CIEM) to enable comprehensive risk mitigation

    ➡ Enhanced attack path analysis engine to swiftly pinpoint critical risks across clouds

    ➡ Accelerated critical risk remediation with Microsoft Security Copilot integration

    ➡ Integrated security across multiple DevOps platforms

    Extended protection for cloud workloads

    ➡ Improved API Security Posture

    ➡ Go beyond workload protection – detect and respond to threats across the enterprise in a unified platform

    More details:

    techcommunity.microsoft.com/t5

    #cnapp #devops #api #protection #ciem #cwp #cspm #defender #defenderforcloud #azure #gcp #aws #cloud #cloudnative #cloudprotection #cloudsecurity #multicloud #microsoft #microsoftsecurity #soc #ignite #microsoftignite #permissionmanagement #ai #mitre #copilot #securitycopilot #vulnerability

  33. Get insights on identity and network access solutions at Microsoft Ignite, Nov 15-17 2023

    techcommunity.microsoft.com/t5

    #microsoft #microsoftsecurity #ignite #microsoftignite #identity #access #network #zerotrust #entra #azure #Passwordless #SecurityServiceEdge #sse #identityprotection #governance #identitygovernance

  35. Simplified deployment with Defender for Identity

    "Microsoft Defender for Identity is an essential part of a modern security practice, helping your organization protect against, and respond to, identity-based threats. In this blog we will show you the simple steps for deploying Microsoft Defender for Identity within your environment."

    techcommunity.microsoft.com/t5

    #defenderforidentity #mdi #microsoft #microsoftsecurity #defender #adfs #domaincontroller #activedirectory #itdr #azure #adfs #adcs #deployment

  36. What is Microsoft Security Copilot?

    "It is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles."

    The primary focus of the Early Access Program is centered around:

    📌 Incident response

    📌 Security posture management

    📌 Security reporting

    "Here's an explanation of how Microsoft Security Copilot works:

    ➡ User prompts from security products are sent to Security Copilot.

    ➡ Security Copilot then pre-processes the input prompt through an approach called grounding, which improves the specificity of the prompt, to help you get answers that are relevant and actionable to your prompt. Security Copilot accesses plugins for pre-processing, then sends the modified prompt to the language model.

    ➡ Security Copilot takes the response from the language model and post-processes it. This post-processing includes accessing plugins to gain contextualized information.

    ➡ Security Copilot returns the response, where the user can review and assess the response."

    learn.microsoft.com/en-us/secu

    #microsoft #microsoftsecurity #securitycopilot #copilot #soc #incidentresponse #soc #analyst #securityanalyst #ai #artificialinteligence #generativeai #openai #azureopenai #llm #cybersecurity #defender #xdr #sentinel #intune #prompt #largelanguagemodel #llm #foundationalmodel #gpt4 #gpt3

  37. Microsoft Security Copilot Early Access Program announcement

    Today as we announce our Early Access Program is now open to qualified customers, we are adding important new capabilities:

    ➡ A new Security Copilot experience embedded within our industry-leading extended detection and response (XDR) platform, Microsoft 365 Defender. This new embedded experience helps guide analysts directly with actionable recommendations—all from within a single unified experience.

    ➡ Microsoft Defender Threat Intelligence is now included at no cost with Security Copilot. Defender Threat Intelligence enables customers to directly access, operate on, and integrate Microsoft’s finished threat intelligence, delivering a greater depth of insight to security teams.

    microsoft.com/en-us/security/b

    #microsoft #microsoftsecurity #copilot #securitycopilot #Azureopenai #llm #ai #soc #xdr #siem #defender #defenderthreatintellitence #threatintelligence #azure #cybersecurity #aisecurity