Latest updates and hand-picked resources.
When organizations start using Microsoft Entra ID Governance, they often hit a roadblock: thousands of old AD groups that have been around for years. These groups are deeply embedded in internal systems, making a quick switch to the cloud nearly impossible.
On July 25, 2024 Microsoft announced the public preview for auxiliary logs. To date (May 2025) no general availability launch has been announced, however it can be used by anyone as it is in public preview. Since then, Sentinel Professionals have been trying their hand at working implementations for Auxiliary Logs.
In recent years, the number of security incidents has been on the rise – and Security Operations Centers (SOC) are struggling to keep pace. For new analysts, this means they need more practice and time to investigate and resolve each case. To address these challenges, modern SOCs are turning to automation and AI.
In today’s hyperconnected business landscape, data is currency. It fuels innovation, drives decisions, and forms the foundation of trust between organizations and their stakeholders.
Proactive vulnerability management is the key to a resilient organisation. With Microsoft Defender Vulnerability Management, Microsoft offers a powerful tool for identifying potential vulnerabilities at an early stage, prioritising them and remedying them in a targeted manner.
Device Code Phishing exploits the OAuth 2.0 device login flow to trick users into authorizing malicious apps via legit Microsoft pages. It’s stealthy, hard to detect, and grants attackers broad access. Detection, access controls, and awareness are key.
Entra ID Governance wurde entwickelt, um diese Herausforderungen zu lösen, indem es Unternehmen dabei hilft, den Zugriff auf strukturierte, automatisierte und gesetzeskonforme Weise zu regeln und zu verwalten.
In an increasingly digital world where cyber threats are omnipresent and growing, a Security Operations Center (SOC) has become indispensable for organizations.
Discover how to build effective custom detection rules (DCRs) to enhance your organization's cybersecurity defenses. This guide, based on lessons from the field, explores the 'what' and 'why' of detection engineering, compares proactive and reactive approaches, and outlines a structured, step-by-step process for crafting tailored rules that minimize risks and reduce SOC workload. Perfect for SOC analysts, detection engineers, and CISOs looking to stay ahead of evolving threats.
As part of the Microsoft Entra Suite, Entra ID Protection is designed to provide organizations with advanced tools to safeguard identities.
In our everyday lives, we know who to call during emergencies: the police, an ambulance, or the fire department. But who do you call when your IT infrastructure is under cyberattack? When a power outage halts your operations or ransomware locks your critical data?
Microsoft Entra Verified ID is a component of the Microsoft Entra Suite, designed to securely manage and verify digital identities.
Microsoft Entra Internet Access is a security product that helps protect people and businesses when they use the internet and cloud apps.
Discover five actionable strategies to minimize false positives in your SOC, reduce alert fatigue, and strengthen your organization's overall security posture.
This solution is particularly focused on enhancing security for Zero Trust Network Access (ZTNA) by ensuring that access to private apps and resources is both secure and efficient.
The Microsoft Entra Suite is a comprehensive identity and access management solution designed to help organizations secure access to their digital resources, manage identities, and enforce Zero Trust principles.
Due to the ever-increasing number of hacker attacks, it is now essential to take further account security measures to protect accounts from unauthorized intrusion. One measure published by Microsoft at the beginning of the year is Entra ID Passkey.
In an era where remote work is increasingly common, ensuring secure and seamless access to corporate resources has become more important than ever.
Copilot for Microsoft 365 is an AI-driven writing assistant, leveraging state-of-the-art language models to seamlessly integrate with Microsoft's suite of productivity tools, including Word, Excel, PowerPoint, and Outlook.
In this blog we will dig into the capabilities of automation using Sentinel referred to as SOAR. SOAR (Security Orchestration, Automation, and Response) platforms are designed to streamline and enhance security operations by automating and orchestrating various tasks and processes.