Introduction. We are going to cover the initial deployment of a Sentinel Workspace, and onboard the free data sources. Even though Microsoft lists the free data sources in the handy table shown below and available here, there are some caveats we need to be mindful of. The Microsoft documentation states; "Although alerts are free, the …
Microsoft Sentinel – Part 1 – Log Analytics Workspace, Budgets, and Action Groups.
Introduction Microsoft Sentinel is a cloud native Security Information and Event Management (SIEM), and Security Orchestration Automation and Response (SOAR) solution. It allows organisations to ingest log feeds from most sources, contextualise the data with threat intelligence before making use of machine learning models to assist in providing actionable information and intelligent alerts. The ingested …
Securing SharePoint 1 – Block legacy authentication.
In previous series' and blogs we have covered disabling legacy authentication to protect Exchange Online, Azure and Office 365, however while going through the Microsoft Cloud Security Benchmark and something caught my eye. "Ensure modern authentication for SharePoint applications is required" NOTE: We have covered the Cloud Security Benchmark previously, and the blog can be …
Continue reading "Securing SharePoint 1 – Block legacy authentication."
Cyber Security is easy, right? – Understanding Privileged Access.
We're back with another blog, and this week we're looking at privileged access, explaining its importance, and some considerations for implementation. Why is privileged access so important? We need to look at this in a few ways. As cyber security professionals we need to not only consider the risk from a security standpoint, but also …
Continue reading "Cyber Security is easy, right? – Understanding Privileged Access."
@2codemonte 