#mxdr — Public Fediverse posts

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception