Azure Sentinel SIEM

Oct 22, 2020

Extended Microsoft MDR Service Components

Understanding the components of an extended Microsoft MDR service by Adrian Grigorof, CISSP, CISM, CRISC, CCSK , Marius Mocanu, CISSP, CISM, CEH, SCF October 22, 2020 During our engagements with customers we are always in a situation where we have to explain the differences between various flavors of MDR services and sometimes even the difference […]

Read More
Extended Microsoft MDR Service Components
Oct 12, 2020

Detecting and Mitigating EDoS attacks in Azure Sentinel

Cloud computing is emerging or one would rather say has long time emerged as the panacea for on-demand scalability and elasticity of IT resources and organizations around the world are taking advantage of it at an unprecedented speed. Such scalability comes with a price and cloud resources that are not managed properly can add up […]

Read More
Detecting and Mitigating EDoS attacks in Azure Sentinel
Sep 28, 2020

Microsoft Security Stack Product Rebranding

Microsoft Security Stack Product Rebranding by Adrian Grigorof, CISSP, CISM, CRISC, CCSK , Marius Mocanu, CISSP, CISM, CEH, SCF Last update: September 28, 2020 On September 22nd, 2020, Microsoft announced a rebranding of their threat protection portfolio as well as an emphasis on its tools becoming a components of  an extended detection and response (XDR) […]

Read More
Microsoft Security Stack Product Rebranding
Sep 13, 2020

Azure Sentinel Design

Azure Sentinel born-in-the-cloud SIEM was released in preview mode in February 2019 and in full general availability in September 2019, however, it has since advanced in bounds and leaps, doubling the number of data connectors, improving visualizations, incident management and building a rich ecosystem of options for SOAR and data enrichment. Combined with a tight […]

Read More
Azure Sentinel Design
Aug 16, 2020

Azure Sentinel Data Connectors

On July 21, 2020 Microsoft announced a new set of Azure Sentinel data connectors for some important security solutions providers. This is great news for our Sentinel customers, as the ability to ingest logs from a wide variety of log sources is one of  top requests, along with data optimization (how can I reduce my […]

Read More
Azure Sentinel Data Connectors
Aug 3, 2020

Azure AD Identity Protection Design

Azure AD Identity Protection Design by Adrian Grigorof, CISSP, CISM, CRISC, CCSK , Marius Mocanu, CISSP, CISM, CEH, SCF, Dorian Birsan Last update: August 3rd, 2020 Azure AD Identity Protection (AAIP) is another piece of the Microsoft M365 security stack puzzle, extending the detection of threats related to identities. It provides ability to enforce policies, […]

Read More
Azure AD Identity Protection Design
May 24, 2020

Microsoft Defender Advanced Threat Protection (ATP) Design

Defender ATP is one of the stars of Microsoft’s security stack, with a meteoric rise in Gartner’s Magic Quadrant for endpoint protection. With 6 layers of protection geared towards specific requirements of the modern EDR, it takes advantage of the complementary Microsoft security services, such as Microsoft Cloud App Security, Azure ATP, Azure Information Protection, […]

Read More
Microsoft Defender Advanced Threat Protection (ATP) Design
May 10, 2020

Azure Sentinel Incidents & KPI Dashboards

Since its release in preview mode in February 2019, Azure Sentinel has provided the Incidents blade in its portal as a platform to monitor and manage the situation when the configured use cases (alerts) are triggered. As the product evolved in bounds and leaps, the Incidents features has become more mature and now, combined with […]

Read More
Azure Sentinel Incidents & KPI Dashboards
May 10, 2020

Azure Advanced Threat Protection (ATP) Design

Azure Advanced Threat Protection (ATP) is probably a bit misunderstood as its main purpose is to identify threats in the traditional on-premises Active Directory with the help of multiple sources of information from other security controls that have visibility into various streams of data. It combines information collected from critical Windows event logs, network traffic […]

Read More
Azure Advanced Threat Protection (ATP) Design
May 3, 2020

Microsoft Cloud App Security Design

Microsoft Cloud App Security (MCAS) has been rated as the number 1 leader CASB product in Gartner’s Magic Quadrant in 2019. As part of Microsoft’s cloud security stack, it provides full integration with other M365 security products, such as ATP, Security Center, Defender ATP and Azure Sentinel. It provides deep visibility and control of SaaS-related […]

Read More
Microsoft Cloud App Security Design
Apr 27, 2020

Azure Windows Virtual Desktop Security Monitoring

Azure Windows Virtual Desktop (WVD) environment provides desktop and application virtualization, allowing connections from almost any kind of device to either a fully functional Windows 10 desktop or to an application virtualized on a Windows 10 VM. While providing great flexibility, it introduces additional components that require monitoring from a security perspective. Fortunately, the Azure […]

Read More
Azure Windows Virtual Desktop Security Monitoring
Mar 27, 2020

Azure Sentinel COVID-19 Alerts and IoCs

While the world is struggling to contain the devastating effects of the COVID-19 virus, there are an increasing number of malicious actors attempting to take advantage of it and attack organizations using the desire for information about this virus. At Managed Sentinel, we decided to create and maintain a list of IoCs (IP addresses, domains, […]

Read More
Azure Sentinel COVID-19 Alerts and IoCs
Page 1 of 3
Back to top
Close