Microsoft Defender Weekly Wrap - Issue #53
Happy Friday everyone!
As you read this, I'm busy enjoying kith and kin. It's the Thanksgiving holiday in the US, which means I'm trying my best to avoid work and focus on the warmth of family.
Before I leave you to the newsletter content this week, let me say up front that this time of year, Thanksgiving through New Year's, is my absolute favorite because I get to spend it with family and friends. There’s nothing in this world more important to me than family and friends.
I'm blessed to be able to enjoy this time of year. But there are many who can't.
If you are someone that has difficulty this time of year (for whatever reason), or feels lonely, or needs someone to talk to – I hope you’re comfortable enough to reach out to someone. Most of us have people like that in our lives. But if you don’t, please don’t hesitate to reach out to me. I’d be more than happy to be that person for anyone struggling during the holiday season or any other time. I just want you to know that.
It's really easy to connect with me. I’m a very public person and can be reached at any time. So don’t hesitate to use any of the following to reach out. OK?
LinkedIn: Rod Trent
Twitter: Speaker 25 (@rodtrent)
Mastodon: @rodtrent@infosec.exchange
Even if you don't celebrate the US Thanksgiving holiday, any time is a great time to take a minute to be thankful for the good times, positive things, and important people in your life.
Talk soon.
-Rod
Things that are Related
Safely integrate playbooks with custom APIs when there is no pre-built Logic App connector. – My Faber Security — myfabersecurity.com How to create a custom logic app connector, so you can store your API key securely and use it within your playbooks, when there is no pre-built connector.
Microsoft Security Insights Show Episode 129 - Thanksgiving 2022 Edition — www.youtube.com Join the crew in an out-of-band episode to discuss security and being thankful during the holiday season.
Things in Techcommunity
How Microsoft implements the DoD's Zero Trust strategy - Microsoft Security Blog — www.microsoft.com Strong industry and public sector partnerships are at the heart of our approach, which is why Microsoft was invited by the DoD to discuss how its Zero Trust definitions would map to new and existing computing environments.
Latest Threat Intelligence (November 2022) - Microsoft Community Hub — techcommunity.microsoft.com Microsoft Defender for IoT has released the November 2022 Threat Intelligence package. The package is available for download from the Microsoft Defender
Defender for Identity - Update the Access Key on Domain Controller - Microsoft Community Hub — techcommunity.microsoft.com Question: Can you update the access key on a domain controller after the sensor is installed? I had a situation that required us to recreate the portal
Defender for Cloud Things
TOOL: defender-for-cloud/enable-amaDefender4Servers.ps1 at main · seanstark/defender-for-cloud · GitHub — github.com This script will enable auto provisioning of the Azure Monitor Agent for Defender for Servers
VIDEO: Latest updates in the regulatory compliance dashboard | Defender for Cloud in the Field #21 — www.youtube.com In this episode of Defender for Cloud in the Field, Ronit Reger joins Yuri Diogenes to talk about the latest updates in the regulatory compliance dashboard t...
BLOG: Microsoft cloud security benchmark: Azure compute benchmark is now aligned with CIS! - Microsoft Community Hub — techcommunity.microsoft.com Security benchmarks help organizations strengthen their security posture and meet various cloud security compliance requirements. The Microsoft cloud
BLOG: Microsoft cloud security benchmark: Azure compute benchmark - Microsoft Community Hub — techcommunity.microsoft.com Azure compute benchmark is now aligned with CIS Security benchmarks help organizations strengthen their security posture and meet various cloud security
Defender for Endpoint Things
DOCS: Exclusions for Microsoft Defender for Endpoint and Microsoft Defender Antivirus | Microsoft Learn — learn.microsoft.com Learn about exclusions for Defender for Endpoint and Microsoft Defender Antivirus. Suppress alerts, submit files for analysis, and define exclusions and indicators to reduce noise and risk for your organization.
BLOG: Microsoft Defender for Endpoint removable storage access control updates — techcommunity.microsoft.com Better manage removable storage devices with new removable storage access control capabilities in Microsoft Defender for Endpoint.
BLOG: Microsoft Defender for Endpoint series – Defender Vulnerability Management – Part5 — jeffreyappel.nl It is time for part 5 of the Microsoft Defender for Endpoint (MDE) series. All previous parts were focused on the Defender for Endpoint onboarding and configuration. Now it is time for the initial usage of the Defender for Endpoint components. One of the key functions is Defender Vulnerability Management (MDVM), which is powerful and enables lots of useful insights.
365 Defender Things
BLOG: Microsoft Defender Attack Paths. Attack paths, for example LPE (Local… | by Derk van der Woude | Nov, 2022 | Medium — derkvanderwoude.medium.com Attack paths, for example LPE (Local Privilege Escalation) and RCE (Remote Code Execution) are TTPs (Tactics, Techniques and Procedures) used by black hat (bad actors) and/or white hat (ethical…
Microsoft Entra Things
VIDEO: Understanding and Using Verifiable Credentials — www.youtube.com A look at all things decentralized identity and verifiable credentials. What's a distributed identifier, what's a did document, how does it all work and why ...
Defender Threat Intelligence Things
BLOG: Microsoft Defender Threat Intelligence (MDTI) overview - Cyber Geeks | Cyber Security & Cloud Computing — cybergeeks.cloud What is MDTI? Microsoft Defender Threat Intelligence (MDTI) is a threat hunting and investigation solution that provides context on cyber threats, IoCs, threat actors, and related infrastructure via raw data sets and finished TI (Threat Intelligence) necessary to accelerate investigations. It can provide finished intelligence with actionable IOCs authored by Microsoft researchers with the ability
Defender for Experts
BLOG: Microsoft Defender Experts for XDR now in preview - Microsoft Community Hub — techcommunity.microsoft.com We are excited to announce that Microsoft Defender Experts for XDR is now officially in preview. Previously introduced as part of our new Microsoft