Pierre Thoor

Trusted Microsoft Cloud Cybersecurity Advisor

Microsoft Security MVP

Author

Speaker

Based in southern Sweden, I help organizations secure their Microsoft Cloud environments — turning complex security challenges into clear, actionable solutions.

---

What I Do

I work at Onevinn AB as a Trusted Microsoft Cloud Cybersecurity Advisor, where I focus exclusively on Microsoft Cloud and GitHub security. My day-to-day involves deep work across:

• Microsoft Sentinel — SIEM/SOAR design, detection engineering, KQL query development
• Microsoft Defender XDR — endpoint, identity, Office 365, and cloud app protection
• Microsoft Defender for Cloud — CSPM, CWPP, workload protection
• Azure Network Security — securing cloud-native and hybrid network architectures
• Azure Governance — managing and securing multi-cloud and on-premises resources
• Threat Protection & Incident Response — hunting threats and responding to incidents
• GitHub Security — securing code repositories and DevSecOps pipelines

---

Microsoft MVP

I’ve been recognized as a Microsoft Security MVP — an award given to independent community leaders who actively share their technical expertise with the broader community through speaking, writing, and community engagement.

---

Speaking & Community

I’m passionate about sharing knowledge and regularly speak at conferences, user groups, and online events across Europe and beyond. Full profile on Sessionize.

2026

• Experts Live Denmark — Copenhagen

2025

• Experts Live Denmark — Copenhagen
• NIC Rebel Edition — Oslo

2024

• ESPC24 — Stockholm

2023

• India Cloud Security Summit
• NIC Cloud Connect — Oslo
• Teamsdagen — Stockholm
• Stockholm TECH Show

2022

• Teamsdagen
• AVD Tech Fest

2021

• AVD Tech Fest Winter Edition
• Teamsdagen
• WVD Tech Fest

2020

• Teamsdagen

---

Book

Microsoft Defender for Identity in Depth

Foreword by Matthew Zorich and published by Packt Publishing in December 2024.

An exhaustive guide to ITDR, breach prevention, and cyberattack response. The book covers everything from deploying and managing Microsoft Defender for Identity to advanced threat hunting with KQL, PowerShell automation, API integration, and building a resilient Identity Threat Detection and Response (ITDR) framework.

Get it on Amazon or Packt.

---

Microsoft Defender for Office 365 Collaboration

I had the privilege of collaborating with the Microsoft Defender for Office 365 Product Engineering Team on a four-part guide to securing collaboration in Microsoft 365. I authored the chapter on safeguarding Microsoft Teams, covering user reporting, Safe Links protection, and advanced threat hunting techniques for SecOps.

The series — Microsoft Defender for Office 365: A Four-Part Guide to Secure Collaboration — was published on Microsoft Tech Community and is accompanied by a YouTube video series.

---

Get in Touch

• Email: pierre@thoor.tech
• Twitter/X: @PierreThoor
• GitHub: pthoor