Showing posts from February, 2022

Microsoft 365 Defender – part 3

In our previous posts, we have looked at some of the basics of Microsoft 365 Defender. For those of you who want to learn more, Microsoft has done something pretty amazing for us. They have included a learning hub. Here you can look at different learning paths, look at info for the different products and also go into specific topics.  ( Part 1 and part 2 in this series can be found by clicking on the links.)   Free training! (Yay) By selecting the Products option, you are able to look at specific products that you want more info about:  The different Defender products in Microsoft 365 Defender.  If you want to search for a topic, you have quite a few to choose from:  Topics But for today we will be looking at another interesting feature in Microsoft 365 Defender, and this is located under Endpoints in the left menu. As you can probably tell, Endpoints is where we find some of the info related to our clients. There are other places as well, but we will get into that later. Here we wil

Microsoft 365 Defender – Part 2

In this blog post, which is part 2 of a series ( part 1 here ), we will go a little more into some of the functionality in this product. Some of the more important features of new security products are the ones based on machine learning and AI. It is important to work on security skills, but when things happen so fast and on such a large scale, we can really use some help from the machines that are on our side. Microsoft Threat Intelligence analyzes 24 trillion signals daily and use machine learning and AI to react and respond to threats.    Microsoft Threat Intelligence ( This means that we in many cases can expect response times way beyond what even the best security teams can achieve.  Todays topic – Threat analytics Today, as we continue our journey into the Microsoft 365 Defender product, we're going to talk about Threat analytics. This is an extremely useful feature which gives us insight into what's going on in the world, and if our environment is vulnerable

Microsoft 365 Defender - part 1

Our journey to the cloud has created some new ways of thinking, new ways of working, and of course a bunch of new portals to work in. It's beginning to be a while since Microsoft started consolidating their different security products under the defender name. Some of the big ones like the Advanced Threat Protection solutions are well known to many of us and more products are being added under the Defender umbrella all the time. Today we are going to look at Defender for Microsoft 365. What it is, and how it can help us. My demo tenant has Microsoft 365 E5 licenses, and this gives us the full power of the defender suite.  What is the Microsoft 365 Defender product really? In this post, which is part 1 in a series, we will look at some of the basics of Microsoft 365 Defender. Many of us are used to defining Microsoft 365 Defender from what we can see in the portal, where we can:  - Detect Security risks - Investigate attacks - Prevent harmful activities A