🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Second session of this evening is in our recently introduced Rocket Talk format. Topic is on the journey with Azure local, presented by Olivier Debonne 🇧🇪 (❤️ Taiwan 🇹🇼). #Community #Microsoft #Cloud #Azure

Interested in how I parse #CEF syslog messages from network security appliances to the CommonSecurityLog table in #MicrosoftSentinel without using AMA? Read my latest blog post at: hybridbrothers.com/parsing-cef-me… #Microsoft #MicrosoftSecurity

🚨 FINAL BOARDING CALL! 🚨 The MC2MC Connect ticket sale is almost complete, only a few tickets left! 🎟️ Don’t miss your chance to secure your seat for our first full-day event! 🚀 🔗 connect.mc2mc.be/tickets/ #MC2MC #ConnectMC2MC #Connect #Collaborate #Create

Robbe Van den Daele talking about Defender For Endpoint and Global secure access and how to combine them. #wpninjasnl #wpninjaconnect

I’ve trained many analysts over the years - inside my own teams, in SOCs, CERTs, and various internal security teams. And lately, I’ve been noticing a trend that deeply saddens me. There’s an increasing number of young professionals who struggle with the grind of our work. They

Another great newsletter of Kusto Insights curated by Ugur Koc and Bert-Jan 🛡️! Awesome highlighted #KQL query by Robbe Van den Daele. 🔗 kustoinsights.substack.com/p/kusto-insigh… #MicrosoftSecurity #MicrosoftDefender #MicrosoftSentinel #KustoQuery

Do not forget to tag the Exchange Trusted Subsystem, Exchange Windows Permission, and Organization Management groups as sensitive in #MDI if you have on-premise exchange without the split permission model. These groups are not tagged as sensitive by default by MDI.

Detect suspicious foci token logins: github.com/HybridBrothers… #MicrosoftSecurity #EntraID #Tokens #KQL

Kicking off the first session of our #MC2MC life event today with Thijs Lecomte! MC2MC

🛡️Detecting non-privileged Windows Hello abuse: hybridbrothers.com/detecting-non-… #EntraID #KQL #Microsoft #MicrosoftSecurity #DefenderXDR #MicrosoftSentinel

Hunting for privilege escalation paths with AD ACLs using #DefenderXDR. github.com/HybridBrothers… #Microsoft #MicrosoftSecurity #Kusto #KQL

One of the results of the joined research with Dirk-jan is entrascopes.com Basically the yellow pages for Microsoft first party apps. #TROOPERS25

Learn from the practical challenges I encountered when trying to transition from #Microsoft #Sentinel to #DefenderXDR in my latest blogpost: hybridbrothers.com/transition-fro… #MicrosoftSecurity #SIEM #XDR

How not to do multi-tenant apps. Nice find by ᅟ from modzero, compromising Synology Active Backup client secrets (from the Synology tenant) during installation 🤦 modzero.com/en/blog/when-b…

New #maester test MT.1061: Device registration MFA control conflicts with Conditional Access policies. An important nuance in #entraid which is often overlooked. With the new Maester test you can get notified if you have a conflict.

🔎 Detect Direct Send phishing emails Below you can find a query that can help you find phishing emails being send using #Microsoft Exchange Direct Send. #Kusto #KQL #DefenderXDR #MicrosoftSentinel github.com/HybridBrothers…