Main Articles |

Category Archives: Main Articles

Microsoft Defender ATP Streaming API

Posted on July 23, 2019 by Jan Geisbauer Leave a comment

In the past, we could consume the MDATP API ‘on demand’ (pull) by PowerShell for example.

We could even do advanced hunting queries via the API.

However, pulling the data out of MDATP might bring in some delay in one or the other scenario and the information from the advanced hunting results are limited to the last 30 days.

With the brand new ‘Streaming API’, Microsoft is offering a new approach to make data from MDATP available outside of the portal.

Main Articles

The New Unified Identity SecOps Experience

Posted on May 5, 2019 by Jan Geisbauer Leave a comment

The new Unifed Identity SecOps Experience brings together information from Azure ATP, Microsoft Cloud App Security (MCAS) and Azure AD Identity Protection.

In this blog post, we will look into the new UI and evaluate which value it has. However – as always-, I am trying to add a little ‘spice’ and therefore we will build in some Mimikatz action. Be exicted :-).

Main Articles

Go, hack yourself!

Posted on March 31, 2019 by Jan Geisbauer Leave a comment

While talking about the protection mechanisms in modern cloud environments, one tends to forget the other side.

You must know your enemy in order to fight him successfully. Today we will build a lab to attack a modern Microsoft cloud environment that is protected by the brightest star on Microsoft’s security sky: Microsoft Defender ATP*.

Main Articles

Office ATP P2

Posted on February 27, 2019 by Jan Geisbauer Leave a comment

Since the beginning of February 2019, Microsoft is dividing Office ATP features into P1 and P2. Everything that was called “Threat Intelligence” before goes now into Office ATP P2. In this article, I give a brief overview of Office ATP P1 and P2 features and go deep into an exciting P2 feature called “Attack Simulator”.

Main Articles

AI, Protect Me!

Posted on January 31, 2019 by Jan Geisbauer Leave a comment

Azure AD Identity Protection (IP) recently got a refresh (in preview). We will have a look into some of the enhancements.

Main Articles

Christmas Special: Peace between Security and Usability (by the example of Multifactor Authentication in Azure AD)

Posted on December 20, 2018 by Jan Geisbauer Leave a comment

One of the biggest problems of our times in IT is to pacify the long-lasting war between security and usability. We all know this picture here below that shows precisely human behavior: people will accept security, when its easy enough. Otherwise they will find their own way around security

Main Articles

100% Cloud will never happen!

Posted on November 29, 2018 by Jan Geisbauer Leave a comment

I like the idea of starting a brand-new blog site by the name of “Empty Datacenter – 100% Cloud” and then writing the first article, indicating that this will never happen.

But this is exactly what happens during the ‘cloud familiarization period’. The WHAT? Exactly.

Main Articles