Microsoft security architecture recommendations is a collection of best practices that provide clear, actionable guidance for security-related decisions. It is designed to help you increase your security posture and reduce risk, whether your environment is cloud-only or a hybrid enterprise spanning cloud(s) and on-premises data centers. This guidance was formerly referred to as Azure
Category Archives: Blog Post
Microsoft Defender ATP service architecture and how we integrate with other products
Every customer has their own Microsoft Defender ATP tenant in the cloud, separated from other customers. All Microsoft Defender ATP behaviors & security events are collected and sent to the customer tenant. Those events are being used for: visibility and reporting; investigation and threat hunting; automated investigation & response; event correlation and detections; prioritized Threat & Vulnerability management; signal exchange
Things you need for a successful Microsoft Defender ATP PoC
Step-by-step information for preparing a successful Microsoft Defender ATP PoC. Trial information: Trials are good for 60 days. Trials can convert to production without issue. We encourage linking a trial to a production Azure AD instance so that, once purchased, the trial becomes production. This also helps with trialing Office ATP or if
Microsoft – Supporting the Legal and Compliance Community
With companies rapidly shifting from on-premises technology infrastructure to cloud computing, legal and compliance professionals find themselves facing new questions from their organizations: Can we move to the cloud in our industry? What are the compliance requirements? What industry security standards do we need to think about? What should we look out for in our
Azure Sentinel To-Go: Sentinel Lab w/ Prerecorded Data & a Custom Logs Pipe via ARM Templates
This one is for all the Azure Sentinel enthusiasts: a good blog post on how to deploy your own Azure Sentinel solution in a lab environment via Azure Resource Management (ARM) templates, along with a custom logs ingestion pipeline to consume pre-recorded datasets and other resources for research purposes. https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-to-go-sentinel-lab-w-prerecorded-data-amp-a/ba-p/1260191 References: https://mordordatasets.com/introduction https://docs.microsoft.com/en-us/azure/azure-monitor/faq https://docs.microsoft.com/en-us/azure/azure-monitor/terminology https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-platform