Category: Microsoft Defender for Endpoint

Microsoft Defender for Endpoint custom auditing alerts

As mentioned in one of my previous posts about the new auditing logs introduced in Microsoft Defender for Endpoint, I validated and tested several new custom detections that could add great value to your current detections. Custom detection to Sentinel: I’m a big fan of using the power and flexibility of Sentinel. The current rules […]

🔒 Exciting Insights from the Belgian Microsoft Cloud & Security Community Event! 🔍

Had an incredible time at the recent Belgian Microsoft Cloud & Security Community Event, and I’m thrilled to share highlights from the event in my latest video! 🌐 Organizer Spotlight: Michael Van Horenbeeck Michael provided invaluable insights into what makes the community thrive and the incredible impact it has on fostering collaboration in the Microsoft […]

Attack surface reduction: the zero day killer

Whether you are a beginner or an experienced practitioner in the field of ASR, this video is sure to provide you with valuable knowledge and insights. So sit back, relax, and enjoy this video about Attack Surface Reduction rules. Links: ASR references: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide Palantir’s blog: https://blog.palantir.com/microsoft-defender-attack-surface-reduction-recommendations-a5c7d41c3cf8 LSASS Twitter question: https://twitter.com/LouisMastelinck/status/1643652827493937152 Chapters: 0:00 intro 1:18 1. […]