Microsoft Defender for Endpoint series – Onboard using Configuration Manager/ GPO – Part3D
It is time for part 3D of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3C (Onboard Defender for Endpoint using Azure Arc) it is now time for a more technical deep dive scoped to onboarding with Configuration Manager…
How to mitigate MFA fatigue and learn from the Uber breach for additional protection
Hackers are increasingly using social engineering attacks to gain access to corporate credentials and breach large networks. As multi-factor authentication becomes a more common default protection, the MFA fatigue technique is on the rise. In the past…
Configure File Integrity Monitoring (FIM) using Defender for Cloud and AMA-agent
File Integrity Monitoring (FIM) is a technology that monitors and detects file changes that could be indicative of a cyberattack. File Integrity Monitoring is part of Defender for Servers P2 and enables monitoring of operating system files, Windows Registry, Application Software…
Microsoft Defender for Endpoint series – Onboard using Azure Arc or Direct onboarding – Part3C
It is time for part 3C of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3B (Onboard Defender for Endpoint using Defender for Cloud) it is now time for a more technical deep dive scoped to Azure Arc and…
Microsoft Defender for Endpoint series – Onboard using Defender for Cloud – Part3B
It is time for part 3B of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3A (Onboard Defender for Endpoint using Microsoft Intune) it is now time for a more technical deep dive scoped to Defender for Cloud. Part…
Microsoft Defender for Endpoint series – Onboard using Microsoft Intune – Part3A
It is time for part 3A of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3 (Onboard Defender for Endpoint) it is now time for a more technical deep dive into specific onboarding methods. Part 3A is focused…
Tips for preventing against new modern identity attacks (AiTM, MFA Fatigue, PRT, OAuth)
Identity attacks are changing and focusing on new techniques. In the past years, many organizations protected accounts with MFA/FIDO2 and configured additional controls like Conditional Access and disablement of legacy authentication. After some years, Microsoft is finally starting the…
Microsoft Defender for Endpoint series – Onboard Defender for Endpoint – Part3
It is time for part 3 of the ultimate Microsoft Defender for Endpoint (MDE) series. After part 2 (configuration MDE) we now dive deeper into the initial onboarding of Defender for Endpoint. In part 2 the question: how to configure…
Use the Azure Monitor Agent (AMA) for Defender for Cloud and migrate from MMA agent
Since its release, Defender for Cloud has been based on the Microsoft Monitoring Agent (MMA). Since August 2022 it is possible to auto-deploy the Azure Monitor Agent. With this new improvement, it is finally possible to migrate entirely from the Microsoft…
Protect against AiTM/ MFA phishing attacks using Microsoft technology
In the last couple of weeks, many researchers have warned of a new large-scale phishing campaign that uses adversary-in-the-middle (AiTM) techniques to bypass multi-factor authentication. According to Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu, the campaign is designed to reach…