Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal security. Emily and Chris were co-presenters at this year's BlueHat conference. They discussed unmasking Azure-based adversaries with an emphasis on monitoring service principles,  how their respective expertise in data science and cybersecurity contributed to the session, and the challenges of monitoring service principles in Azure. This concept has evolved from traditional service accounts. 

In This Episode You Will Learn:    

• The importance of monitoring spikes in activity 


• Criteria for identifying malicious behavior targeting service principles 


• Historical context of service principles and their increasing relevance 

Some Questions We Ask:    

• How can you proactively monitor and detect anomalies related to service principles? 


• What challenges arise when profiling service principles based on past behavior? 


• When can service principles be tied to user authentication? 

Resources:  

View Emily Yale on LinkedIn 

View Chris Bukavich on LinkedIn 

View Wendy Zenone on LinkedIn 

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts: 

• 
  Microsoft Threat Intelligence Podcast 


• 
  Afternoon Cyber Tea with Ann Johnson 


• 
  Uncovering Hidden Risks 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts 

Hosted on Acast. See acast.com/privacy for more information.