MSEM | OT Security Initiative
From global tensions on nation-state level to cybercriminals and script-kiddies, cybersecurity for OT (Operational Technology) becomes more…
Nov 21, 2024

Phishing-resistant MFA basics
This blog explains the basics of phishing-resistant MFA (Multi Factor Authentication) and the single- and/or multi-tenant support options…
Jul 24, 2024

Microsoft IT/OT convergence in Defender XDR (New) and Sentinel
Disclaimer: there is no change for existing Microsoft Defender for IoT (Azure) deployments.
Jul 16, 2024

Defender for IoT sensor access
The Microsoft Defender for IoT | OT Sensor is a virtual or physical appliance connected to the OT network via a SPAN port or TAP device to…
May 3, 2024

Microsoft Security Exposure Management #XSPM
Microsoft Security Exposure Management is a new Microsoft Security product in the Threat prevention layer of cybersecurity to provide…
Mar 13, 2024

Entra ID User Reconnaissance and how to Protect against Entra ID User Recon
Entra ID (previous Azure Active Directory / Azure AD) is the Online version of Active Directory to access (authenticate and authorize)…
Feb 17, 2024

Active Directory reconnaissance and Microsoft Defender XDR detections
Updated blog (from 2020) which describes different Active Directory reconnaissance methods (MS-DOS, PowerShell and PowerSploit) to read the…
Feb 14, 2024

MDE | Deception
Deception is a new feature in Microsoft Defender for Endpoint. This blog provides a high level overview of the new feature. Deception…
Nov 16, 2023

How to setup your own Microsoft Defender for IoT lab
This blog is how to setup a physical lab environment for Microsoft Defender for IoT to get experience in deployment and usage of the…
Nov 2, 2023

How to use Microsoft Entra | Internet Access to prevent AiTM attack(s)
While BEC (Business E-mail Compromise) attacks are prevented by Number Matching Multi Factor Authentication (enabled on global scale by…
Aug 1, 2023

How to protect against BEC & AiTM attacks via Microsoft 365 Defender | Automatic Attack Disruption
The number of BEC (Business Email Compromise) and AiTM (Adversary in The Middle) attacks are growing significantly since 2023 (source…
Jul 3, 2023

Exploit IoT devices and how to prevent via MDE | Enterprise IoT
MDE | Device Discovery
Apr 21, 2023

Connect Microsoft Defender Threat Intelligence (MDTI) to Microsoft Sentinel and enrich Incidents…
Microsoft Defender Threat Intelligence (MDTI) is the TI solution from Microsoft (previous RiskIQ) to detect 0-day and pre-firewall threats…
Apr 5, 2023

Connect Microsoft Defender EASM to Microsoft Sentinel for Incident enrichment
Microsoft Defender EASM (External Attack Surface Management) is the Microsoft (one of the two products from the RiskIQ acquisition, the 2nd…
Mar 26, 2023

Azure IoT Security part II | Azure Sphere
The first part I describes the setup of the generic AZ3166 IoT device in Azure IoT services like the IoT Hub, agentless scanning features…
Feb 13, 2023

Azure IoT Security basics
This blog is part of two series. The first part describes the Azure IoT security basics overview and the setup of a hardware IoT device lab…
Feb 9, 2023

The difference between IoT and OT from a Security perspective
Ps. this is my personal view on the difference between OT & IoT with black&white glasses on, there are of course grey areas but I don’t…
Jan 18, 2023

Microsoft Defender and network devices (lab setup)
This blog is about setting up a lab environment for Microsoft Defender products which require network devices (switch). The following…
Jan 13, 2023

Detect malicious Raspberry Pi or Arduino devices via MDE device discovery and Enterprise IoT
IoT (Internet of Things) devices are often unsecure by default (e.g. default admin username/password and/or not up-to-date software with…
Dec 30, 2022

Azure AD Identity Protection - Risky Workload alert e-mail notification
Let’s start with thanks and credits for the Azure AD Identity Protection product group for working closely together on the latest detection…
Dec 2, 2022