The Microsoft Security Insights Show Episode 257 - Nathan Swift
Description
Join us this episode as we welcome back fan favorite, Nathan Swift. This is a demo-heavy episode, so make sure to catch the live video replay if you can. Dive into the incredible potential of tools like Microsoft Defender EASM—a budget-friendly powerhouse for countless use cases—and unravel the magic of the TwistDNS algorithm in spotting typosquatting and phishing threats. From building Microsoft Sentinel Watchlists to crafting advanced integrations with Azure Container Instances, Logic Apps, and Functions, we’re here to keep your mind buzzing and your solutions thriving.
Show Notes/Links
* Nathan's GitHub repo: https://github.com/SwiftSolves-msft
* Nathan's old GitHub repo: https://github.com/SwiftSolves
* Sentinel DNSTwist Solution: https://github.com/swiftsolves-msft/Sentinel-DNSTwist-Solution
Just good old plain security stuff:
General:
* Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves
* IMS Efficient Migration Methods
Threat Intelligence:
* Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
* StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
* Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Azure Security:
* Secure containers software supply chain across the SDLC
* Microsoft Defender for Cloud Customer Newsletter
* Integrating Security into DevOps Workflows with Microsoft Defender CSPM
* Public Preview: Key Attestation for Azure Managed HSM
Defender for Cloud:
* Secure your AI application transformation with Microsoft Defender for Cloud-V
* Manage cloud security posture with Microsoft Defender for Cloud -V
* What's new in Defender for Cloud features
Sentinel News:
* Integrating Radware WAF Logs with Microsoft Sentinel Using Logic Apps
* Case Management is now Generally Available
* What's new in Microsoft Sentinel
Microsoft Entra:
* ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison
* Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring
* Exploring the Extensibility of Active Directory Migration Service (ADMS)
* Tell us what you think: The Microsoft Entra blog team wants to hear from you!
* New innovations in Microsoft Entra to strengthen AI security and identity protection
* Insights from the Secure Employee Access report reveal the need for unified access security
* New user experience for consumer authentication
* Replace your legacy VPN with an identity-centric ZTNA
M365 Defender | XDR - (MDO, MDE, MDI, MDCA):
* Built-in report button is available in Microsoft Outlook across platforms
* Defending Against OAuth-Based Attacks with Automatic Attack Disruption
* Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
* Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
* Unveiling the Shadows: Extended Critical Asset Protection with MSEM
* Level up your defense: protect against attacks using stale user accounts
* Discover and protect Service Accounts with Microsoft Defender for Identity
* Protect SaaS apps from OAuth threats with attack path, advanced hunting and more
Security Copilot:
* Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries
* Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond
Microsoft Purview:
* APR 22 (8:00 AM) Microsoft Purview | eDiscovery New User Experience and Retire
United States
