Defender TI Archieven - Jeffrey Appel - Microsoft Security blog

AiTM/ MFA phishing attacks in combination with “new” Microsoft protections (2025 edition)

Adversary-in-the-middle phishing attacks are still more common in use, in the last year and the start of 2025 there is still a more visible increase in AiTM/ MFA phishing. Since the removal of basic authentication from Exchange Online more and…

Jeffrey, February 2, 2025 4 33 min read

Security

Microsoft Defender Threat Intelligence (Defender TI) integrations with Microsoft Sentinel

Microsoft Defender Threat Intelligence (MDTI) previously known as RiskIQ brings the threat intelligence data together from multiple sources. With the use of Microsoft Defender Threat Intelligence (MDTI) customers will have direct access to data and signals to hunt for threats…

Jeffrey, June 1, 2023 3 13 min read

Security

How works Microsoft Defender Threat Intelligence / Defender TI – and what is the difference between free and paid

Microsoft Defender Threat Intelligence (MDTI), previously known as RiskIQ brings threat Intelligence data together from multiple sources. With Microsoft Defender Threat Intelligence (MDTI), customers will have direct access to real-time data and signals to hunt for threats across their environments….

Jeffrey, May 3, 2023 2 13 min read

Recent Posts

Defender for Office 365 Auto-Remediation of Malicious Messages (AIR)

Automated incident triage with Security Copilot and Microsoft Sentinel/ Defender XDR

AI workload threat protection in Microsoft Defender for Cloud

Configure automatic Attack Disruption in Microsoft Defender XDR

How to protect against Device Code Flow abuse (Storm-2372 attacks) and block the authentication flow

Common mistakes during Microsoft Defender for Endpoint deployments

How to check for OAuth apps with specific Graph permissions assigned

Tag: Defender TI

AiTM/ MFA phishing attacks in combination with “new” Microsoft protections (2025 edition)

Microsoft Defender Threat Intelligence (Defender TI) integrations with Microsoft Sentinel

How works Microsoft Defender Threat Intelligence / Defender TI – and what is the difference between free and paid

Microsoft MVP

MDE blog series

Supporting this blog

Latest topics

Defender for Office 365 Auto-Remediation of Malicious Messages (AIR)

Automated incident triage with Security Copilot and Microsoft Sentinel/ Defender XDR

AI workload threat protection in Microsoft Defender for Cloud

Configure automatic Attack Disruption in Microsoft Defender XDR

How to protect against Device Code Flow abuse (Storm-2372 attacks) and block the authentication flow

Common mistakes during Microsoft Defender for Endpoint deployments

Defender for Office 365 Auto-Remediation of Malicious Messages (AIR)

Automated incident triage with Security Copilot and Microsoft Sentinel/ Defender XDR

AI workload threat protection in Microsoft Defender for Cloud

Configure automatic Attack Disruption in Microsoft Defender XDR

How to protect against Device Code Flow abuse (Storm-2372 attacks) and block the authentication flow

Common mistakes during Microsoft Defender for Endpoint deployments

Today's pick

Latest

Popular

Defender for Office 365 Auto-Remediation of Malicious Messages (AIR)

Automated incident triage with Security Copilot and Microsoft Sentinel/ Defender XDR

AI workload threat protection in Microsoft Defender for Cloud

Configure automatic Attack Disruption in Microsoft Defender XDR

Fast response with Azure AD Continuous Access Evaluation (CAE) and Conditional Access

Downloads blokkeren via Conditional Access App Control vanuit Microsoft Endpoint Manager

Android Enterprise fully managed beschikbaar in Microsoft Intune voor zakelijke omgevingen

Android Enterprise via Microsoft Endpoint Manager als vervanger van Android device administrator