Microsoft Defender Weekly Wrap - Issue #22
Happy Friday everyone! Thanks to everyone that's been here for a while and welcome to all the new subscribers this week.
Before getting into the content of the newsletter, there are a few things to highlight...
...
This week we added yet another Ninja training to the burgeoning pile of learning and assessments. This one is for Communication Compliance. So, if you're like me and have fun trying to collect all the Ninja certificates, this is a can't-miss opportunity for yet another one.
If you've not seen the full list of Ninja trainings yet, check out: All the Microsoft Ninja Training I Know About
...
For those that have been following along with the Must Learn KQL learning series and how it's being shaped and formed into different iterations, it's now being turned into a sort of study on how to create engaging learning content.
A couple of my colleagues (Pieter de Bruin and Sherry List) are working on this for delivery at the Azure Lowlands event in June.
Here's the abstract...
From enthusiast to authority: the educational journey of Must Learn KQL
When monitoring Azure solutions and security you are going to use Kusto Query Language, which is relatively and can be intimidating. But fear not, there is help: in this session we dive into learning KQL through the MustLearnKQL project that contains blog posts, a book, videos, a certification and a podcast. We will also discuss how educating others by creating technical content like this can help you grow, build a community and have fun along the way.
Pretty neat to see my creation take on such a life of its own!
...
Well, we made it. My colleagues and I kicked off the inaugural episode of the Microsoft Security Insights show on Microsoft Reactor Wednesday evening. The show was a good one. Some of you showed up for the live event and provided commentary and questions. I hope you enjoyed listening and watching.
For those that missed it, the replay is available now. With Matt Soseman as our guest, the conversation turned to the obvious topics of Zero Trust and Identity security. Each time I talk to Matt, I feel like I'm smarter afterward. And I know you'll feel that way, too.
Catch the latest episode here: https://cda.ms/49t
And you can prepare now for our next Microsoft Reactor episode on May 25th, when our good friend and Microsoft Sentinel PM, Jing Nghik, will be on.
You can jump out and set a reminder to tune in here: https://cda.ms/49v
...
I hope you all have a great weekend and an awesome week ahead.
Talk soon.
-Rod
Things that are New
The future of compliance and data governance is here: Introducing Microsoft Purview - Microsoft Security Blog — www.microsoft.com To meet the challenges of today’s decentralized, data-rich workplace, we’re introducing Microsoft Purview—a comprehensive set of solutions that help you govern, protect, and manage your entire data estate. This new brand family combines the capabilities of the former Azure Purview and the Microsoft 365 Compliance portfolio that customers already rely on, providing unified data governance and risk management for your organization.
Go Beyond with Microsoft Purview — www.youtube.com Microsoft Purview is a comprehensive set of solutions to help govern, protect, and manage your data estate. Customers previously used Azure Purview for unifi...
Things to Attend
Microsoft Security Insights Show Ep. 103 — www.youtube.com Tune in! Microsoft Security Insights is a weekly podcast that provides information, news, and tips on Microsoft Security Solutions including Microsoft Sentin...
Microsoft Defender for Endpoint Virtual Ninja Training – Microsoft Adoption — adoption.microsoft.com This training series is based on the Ninja blog and brings you up to speed quickly on Microsoft Defender for Endpoint.
Microsoft Security Summer Series Webinars — techcommunity.microsoft.com Want to help defend the world against cyber attacks? We want you to influence our designs, plans, and guidance so we can have a global impact together.
Things that are Related
Discover the anatomy of an external cyberattack surface with new RiskIQ report - Microsoft Security Blog — www.microsoft.com The traditional security strategy has been a defense-in-depth approach, starting at the perimeter and layering back to protect internal assets. But in today’s world of ubiquitous connectivity, users—and an increasing amount of digital assets—often reside outside the perimeter. Accordingly, a Zero Trust approach to security is proving to be the most effective strategy for defending today’s decentralized enterprise.
AZ-305: Design identity, governance, and monitor solutions - Learn | Microsoft Docs — docs.microsoft.com This learning path helps prepare you for Exam AZ-305: Designing Microsoft Azure Infrastructure Solutions.
How to Submit Malicious Samples to Microsoft Security Team — www.linkedin.com Anti-Malware products are getting smarter and advance and they are capable of detecting and removing unknown or 0-day malwares. There are several algorithms and methods helping to detect unknown and suspicious files and Microsoft Anti-Malware engine (such as Microsoft Defender) comes with technologi
Things from Partners
Just Announced: MDR for OT now available on Azure Marketplace - Difenda — www.difenda.com The cybersecurity industry is no stranger to assumptions. It’s the reason why the same established technology providers have been the focus for over a decade. It’s also the reason why Microsoft was historically overlooked as a reliable solution provider in this space.
Defender for Cloud Things
VIDEO: Defender for Cloud in the Field - Out of Band Edition — www.linkedin.com In this week's episode of #Defender for #Cloud in the Field - Out of Band Edition, I'll cover the new P1 and P2 plans for Defender for Server and Tom Janetscheck is going to debunk some misconceptions about Defender for Servers.
Defender for Endpoint Things
BLOG: Announcing Microsoft Defender for Endpoint Firewall and Device control reports We are excited to announce the general availability of Device control and Windows Firewall Reports.
BLOG: Intune Devices investigation with MDE & Microsoft Sentinel — misconfig.io Are your Intune local users configured as local admin? Do you have additional admin users on Intune devices? In most cases, Intune users could be the Local administrators, and it's a Feature without any disruption, and this is by default.
Microsoft 365 Defender Things
VIDEO: Optimizing KQL queries | Microsoft 365 Defender — www.youtube.com This video demonstrates ways you can optimize Kusto Query Language (KQL). Learn more: http://aka.ms/mtpah
Defender for Identity Things
VIDEO: Verifiable Credentials: Onboarding Employees — www.youtube.com Learn about verifiable credentials, an open standards platform to help organizations easily verify identity information while protecting the privacy of the i...
Defender for IoT
VIDEO: Microsoft Defender for IoT Webinars — www.linkedin.com Are you a member of our Microsoft Security Communities? Check out our latest Defender for IoT webinars by clicking on the links below: To join our Private...