Blog

All posts — security engineering, cloud architecture, and Microsoft tooling.

2024

Deploy and destroy Copilot for Security with Bicep and GitHub Actions
Copilot for Security is now GA, how can we provision the service to save some money? Warning - Early Proof of Concept!
5 min read | Bicep GitHub Copilot for Security

Configure Defender for Cloud workload protections with Azure Policy
This Azure Policy initiative enables and configures Defender for Cloud workload protections, including Defender for S...
6 min read | MDC Defender for Cloud CSPM

Demystifying Microsoft Defender for Cloud and Defender CSPM cost
Do you find it hard to understand the mapping of features and capabilities Microsoft Defender for Cloud and Defender ...
20 min read | MDC Defender for Cloud CSPM

2023

New Patch Management tool in the cloud - Azure Update Manager (AUM) is now GA
Azure Update Manager (AUM) is now GA and is a new Patch Management tool in Azure that can be used to patch Windows an...
5 min read | Arc ESU Azure Update Manager

Windows Server 2012/2012 R2 - End of support, what to do with Security Updates?
Do you have Windows Server 2012/2012 R2 in your environment? If so, you need to read this post to understand what to ...
5 min read | Arc ESU Azure Update Manager

Kusto Detective Agency - Season 2 Case 7
Kusto Detective Agency - Season 2 Case 7 additional hints and help
24 min read | Kusto

Microsoft Sentinel and Azure OpenAI
In this first of many posts we will activate the power of Azure OpenAI together with Microsoft Sentinel, this dynamic...
28 min read | Sentinel OpenAI AI

Kusto Detective Agency - Season 2 Case 6
Kusto Detective Agency - Season 2 Case 6 additional hints and help
23 min read | Kusto

Defender for Office 365 Blog Series - Part 3
🛡️ Blog series about Microsoft Defender for Office 365 (MDO), how to get started with threat hunting
4 min read | Defender

Manual Microsoft Sentinel incident from an Azure Workbook
Perhaps not an ordinary use case but the ability to create a manual Microsoft Sentinel incident from an Azure Workboo...
14 min read | Sentinel

Defender for Office 365 Blog Series - Part 2
🛡️ Blog series about Microsoft Defender for Office 365 (MDO), how to get started with email authentication protocols, ...
10 min read | Defender

2022

Defender for Office 365 Blog Series
🛡️ Blog series about Microsoft Defender for Office 365 (MDO), how to get started with email authentication protocols, ...
9 min read | Defender

Who Hacked?
Microsoft Cloud Learn Games, Who Hacked?
2 min read | Sentinel

Fixing Azure SQL long-term backup retention restore
How you can fix the Azure SQL long-term backup retention restore error ✅
2 min read | Azure

Kusto Detective Agency - Hints
More hints to get for the Kusto Detective Agency contest - things aren’t always what they seem to be in Digitown
2 min read | Azure Sentinel

Microsoft Defender External Attack Surface Management (EASM)
In this post we will look into getting started with Microsoft Defender External Attack Surface Management (EASM)
4 min read | Defender

Add Twitter Threat Intelligence to Microsoft Sentinel
In this post we will dig down into the twitter.threatintel.rocks site and how we can use that as a TI feed to Micros...
27 min read | Sentinel

RDP Honeypot and Microsoft Sentinel Workbook
Don't open EVERYTHING to EVERYONE. And for... use strong passwords.
27 min read | Sentinel

Ubiquiti UniFi with Microsoft Sentinel
Introduction So I just needed to try out this solution available in Microsoft Sentinel, or as it is called now - Content...
3 min read | Sentinel

Azure Cost Management API, Forecast and Power BI
How does Azure Cost Management API work with forecasts, and Power BI visualizations, and how can we find out more abo...
7 min read | Cost Management Azure PowerShell

2021

Add Hunting Queries (for Log4Shell) faster to Microsoft Sentinel
Do you find it hard to add all of the Hunting Queries available to your Microsoft Sentinel Hopefully I have a PowerSh...
15 min read | Sentinel

Protect Teams with Microsoft Sentinel - Part 4
In this post we will look at one of the LogicApp that was included in the Teams solution that we installed in Part 2 ...
2 min read | Sentinel

Hunt for Guests inviting other guests with Microsoft Sentinel
Are we vulnerable by default? And can we hunt our guests? Warning - we cannot see all...
9 min read | Sentinel

Welcome Sweden Central - Which Azure Resources are available?
Introduction Today is the day - Sweden Central is officially open!
14 min read | Azure

Protect Teams with Microsoft Sentinel - Part 3
In this post we will look into some of the Sentinel Analytic Rules for Microsoft Teams
20 min read | Sentinel

My view on Microsoft certifications
My first Microsoft exam was at March, 2016 and it was for the Windows Server 2012 (Exam 70-410). I was so nervous and...
3 min read | Certifications Azure

Protect Teams with Microsoft Sentinel - Part 2
In the first part of this series we enabled the logging capability of Microsoft Teams into Microsoft (previously Azur...
5 min read | Sentinel

Protect Teams with Azure Sentinel
Start hunting Microsoft Teams activities with Azure Sentinel
5 min read | Sentinel

New fresh start
Time really flies. It's been too looooong since I did any writing in this blog. So time to get back to it, and to get...
2 min read | Azure

2019

Restore-OneDrive (the PowerShell way)
Recently I moved from OneDrive to OneDrive for Business (which is not automated task by the way…) and was hoping to h...
4 min read | OneDrive Microsoft 365 PowerShell

Request-OneDriveSite
To automate things, that’s why Snover did create PowerShell for, we sometimes need to pre-provision users OneDrive st...
9 min read | OneDrive PowerShell

2018

Direct Access and Azure Traffic Manager
I was setting up a Direct Access Multisite deployment and wanted to use Azure Traffic Manager as a GSLB solution. I...
4 min read | Azure