Mar 26, 2021
Azure Sentinel Design Update
Azure Sentinel, the born-in-the-cloud SIEM, was released in preview mode in February 2019 and in full general availability in September 2019. It has since advanced by leaps and bounds, doubling the number of data connectors, improving visualizations and incident management, and building a rich ecosystem of options for SOAR and data enrichment. Combined with a tight […]
Feb 12, 2021
Microsoft Security Stack Coverage
Contact us for a full walk-through of this diagram and a review of Microsoft Graph Security integration with the overall Microsoft security stack.
Nov 22, 2020
Microsoft Graph Security Components & API
The Security component of Microsoft Graph was born as a way to represent threat intelligence information in a form that is closer to the way attackers approach their targets: as a graph of interconnected systems, with complex relationships among themselves and with 3rd party entities. Inside the graph, Microsoft is using their substantial analytical power […]
Sep 13, 2020
Azure Sentinel Design
Azure Sentinel, the born-in-the-cloud SIEM, was released in preview mode in February 2019 and in full general availability in September 2019. It has since advanced by leaps and bounds, doubling the number of data connectors, improving visualizations and incident management, and building a rich ecosystem of options for SOAR and data enrichment. Combined with a tight […]
Aug 3, 2020
Azure AD Identity Protection Design
Azure AD Identity Protection Design by Adrian Grigorof, CISSP, CISM, CRISC, CCSK; Marius Mocanu, CISSP, CISM, CEH, SCF; Dorian Birsan. Last update: August 3rd, 2020. Azure AD Identity Protection (AAIP) is another piece of the Microsoft M365 security stack puzzle, extending the detection of threats related to identities. It provides the ability to enforce policies, […]
May 24, 2020
Microsoft Defender Advanced Threat Protection (ATP) Design
Defender ATP is one of the stars of Microsoft’s security stack, with a meteoric rise in Gartner’s Magic Quadrant for endpoint protection. With 6 layers of protection geared towards specific requirements of the modern EDR, it takes advantage of the complementary Microsoft security services, such as Microsoft Cloud App Security, Azure ATP, Azure Information Protection, […]
May 10, 2020
Azure Advanced Threat Protection (ATP) Design
Azure Advanced Threat Protection (ATP) is probably a bit misunderstood, as its main purpose is to identify threats in the traditional on-premises Active Directory with the help of multiple sources of information from other security controls that have visibility into various streams of data. It combines information collected from critical Windows event logs, network traffic […]
May 3, 2020
Microsoft Cloud App Security Design
Microsoft Cloud App Security (MCAS) was rated the number 1 leader among CASB products in Gartner’s Magic Quadrant in 2019. As part of Microsoft’s cloud security stack, it provides full integration with other M365 security products, such as ATP, Security Center, Defender ATP and Azure Sentinel. It provides deep visibility and control of SaaS-related […]