home.social

#securityanalytst — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #securityanalytst, aggregated by home.social.

  1. Automatically disrupt adversary-in-the-middle (AiTM) attacks with Microsoft XDR

    Microsoft announced the expansion of automatic attack disruption to include adversary-in-the-middle (AiTM) attacks, in addition to the previously announced public preview for business email compromise (BEC) and human-operated ransomware attacks.

    techcommunity.microsoft.com/t5

    #microsoft #email #business #AiTM #bec #xdr #azure #soc #securityplatform #defender #defenderforidentity #defenderforcloudapps #defenderforendpoint #microsoft365defender #cloudsecurity #securityanalytst

  2. Microsoft Defender Threat Intelligence (Defender TI) is now available to licensed customers within the Microsoft 365 Defender (M365 Defender) portal, placing its powerful threat intelligence side-by-side with the advanced XDR functionality of M365 Defender.

    Use Cases

    ➡ Advanced hunting with Defender TI IOCs against the logs and events within Microsoft 365 Defender

    ➡ Upload IOCs to a storage account or public GitHub

    ➡ Using the KQL externaldata operator as a correlation source for proactive hunting and enabling custom detections in M365 Defender

    ➡ M365 Defender raw event detection

    ➡ M365D raw events flow into Sentinel with the M365 Defender data connector

    ➡ MDTI feeds flow into Sentinel with the MDTI data connector

    ➡ Manual TI correlation rule

    techcommunity.microsoft.com/t5

    #DefenderTI #TI #threatintelligence #MicrosoftDefenderThreatIntelligence #xdr #soc #securityplatform #securityanalytst #m365defender #microsoft365defender #microsoft #azure #intelligence #ioc #threathunting #ttp