Microsoft Defender for Endpoint series – Onboard using Azure Arc or Direct onboarding – Part3C
It is time for part 3C of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3B (Onboard Defender for Endpoint using Defender for Cloud) it is now time for some more technical deep-dive scoped on Azure Arc and…
Microsoft Defender for Endpoint series – Onboard using Defender for Cloud – Part3B
It is time for part 3B of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3A (Onboard Defender for Endpoint using Microsoft Intune) it is now time for some more technical deep-dive scoped on Defender for Cloud. Part…
Microsoft Defender for Endpoint series – Onboard using Microsoft Intune – Part3A
It is time for part 3A of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3 (Onboard Defender for Endpoint) it is now time for some more technical deep dive for specific onboarding methods. Part 3A is focused…
Tips for preventing against new modern identity attacks (AiTM, MFA Fatigue, PRT, OAuth)
Identity attacks are currently changing and focussing on new techniques. In the past years, many organizations protected accounts with MFA/ FIDO2 and configured additional controls like Conditional Access and disablement of legacy authentication. After some years Microsoft starts finally the…
Microsoft Defender for Endpoint series – Onboard Defender for Endpoint – Part3
It is time for part 3 of the ultimate Microsoft Defender for Endpoint (MDE) series. After part 2 (configuration MDE) we are now going to deep-dive more into the initial onboarding of Defender for Endpoint. In part 2 the question; how to configure…
Use the Azure Monitor Agent (AMA) for Defender for Cloud and migrate from MMA agent
Defender for Cloud was since the release based on the Microsoft Monitoring Agent (MMA). Since august 2022 it is possible to auto-deploy the Azure Monitoring Agent. With this new improvement, it is finally possible to migrate entirely from the Microsoft…
Protect against AiTM/ MFA phishing attacks using Microsoft technology
In the last couple of weeks, many researchers warns of a new large-scale phishing campaign that is using the adversary-in-the-middle (AiTM) techniques to bypass multi-factor authentication. Following Zscaler researchers Sudeep Singh and Jangadeeswar Ramanukolanu the campaign is designed to reach…
Microsoft Defender for Endpoint series – Configure Defender for Endpoint – Part2
It is time for part 2 of the ultimate Microsoft Defender for Endpoint (MDE) series. After part 1 we are now going to deep-dive more into the initial configuration of Defender for Endpoint. In part 1 the question; what is…
Block internet macros in Office, and don’t wait for Microsoft
Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default for all customers. Last week Microsoft announced that it will roll back this change based on ‘user feedback’ which raises security concerns. Microsoft announced…
Microsoft Defender for Endpoint series – What is Defender for Endpoint? – Part1
It is time for the first part of the ultimate Microsoft Defender for Endpoint (MDE) series. After the announcement and the great response, it is time for the first part. Part 1 contains information related to Defender for Endpoint’s basics….