Pierre Thoor
Senior Cloud Security Architect
Onevinn AB
I secure Microsoft Cloud environments at enterprise scale — from Sentinel detection engineering and Defender XDR threat hunting to Azure network architecture, email security, and GitHub DevSecOps.
Microsoft Sentinel
SIEM/SOAR design · KQL · Detection engineering · Threat hunting · Log analytics
Defender XDR
Identity · Endpoint · Cloud Apps · Defender for Cloud · CSPM · CWPP
Email & Teams Security
Defender for Office 365 · Exchange Online Protection · Teams · MDO Champion
Azure Networking
AVNM · Azure Firewall · WAF · DDoS · Private Endpoints · Hub-spoke
GitHub Security
Actions security · Supply chain · Org rulesets · Advanced Security · DevSecOps
IaC & Automation
Bicep · Azure Verified Modules · PowerShell · Azure Policy · GitHub Actions CI/CD
Azure Default Outbound Access Retirement: What It Actually Means (and What It Doesn't)
Azure is retiring default outbound access for VNets. Here’s what it means for your workloads and how to prepare.
Defender XDRDeploy and destroy Copilot for Security with Bicep and GitHub Actions
Copilot for Security is now GA, how can we provision the service to save some money? Warning - Early Proof of Concept!
Conference Speaking
2020 – 2026
- Experts Live Denmark, Copenhagen
- NIC Rebel Edition, Oslo
- Experts Live Denmark, Copenhagen
- Teamsdagen, Stockholm
- ESPC24, Stockholm
Book
Microsoft Defender for Identity in Depth
An exhaustive guide to ITDR, breach prevention, and cyberattack response
Get the book →MDO Champion — Microsoft Defender for Office 365
Co-authored a four-part guide to securing Microsoft Teams collaboration with the Defender for Office 365 product engineering team — covering user reporting, Safe Links, and advanced threat hunting for Teams protection.