Searching for suspicious user in Azure Security Center

Last September during my presentation with Meir at Ignite, we talked about how powerful the new search capability in Azure Security Center is, the integration with Log Analytics gives you total control, and flexibility to find what you really need.  But how to really use this? First step is to read our core documentation regarding Search…


Incident Response in Hybrid Cloud

I had a great time yesterday at Hacker Halted, my presentation was packed with great security professionals, great questions, and the networking was outstanding. My deck available here (in PDF format), and if you attended the session, make sure to connect with me via LinkedIn.


Updates in Azure Security Center – September 2017 – Part 3

Here another wave of new features that were released today, this time in public preview, but fully documented below: Investigate Incidents and Alerts in Azure Security Center (Preview) Custom Alert Rules in Azure Security Center (Preview) Security Playbook in Azure Security Center (Preview) If you are planning to go to Ignite next week, here are…


Presentation at Ignite 2017 and New Book

This year I will be at Ignite working at the Azure Security Center booth, and I will also be speaking with my friend Meir Mendelovich about Azure Security Center. Our presentation is called: Respond quickly to threats with next-generation security operation, and investigation. If you are going to Ignite, make sure to stop by our presentation, we…


Azure Security Center – June Updates

I would like to share with you some updates that we had during this month in the Azure Security Center documentation, which directly reflect some changes in this service. The main changes are: Platform Migration: Beginning in early June 2017, Azure Security Center rolls out important changes to the way security data is collected and stored. These…


Azure Information Protection Scenarios

Just a quick follow up on my post about the demo video series from the Enterprise Mobility + Security Team, the following demos are going to cover the Information Protection space. The first one below shows how automatic classification of documents based on the data classification policies an organization is triggered: The next one shows a…


Azure Security Center UI Update

If you are using Azure Security Center you probably noticed that yesterday the main dashboard was different, that’s right, it was updated. You can watch this short video below that I recorded with an explanation about these changes: We also updated our articles that were impacted by this UI change, such as the Security health monitoring…


New Azure Security Paper Series

Today we are releasing a series of new articles about Azure Security, which includes the following articles: • Azure Operational Security • Azure Advanced Threat Detection • Azure Logging and Auditing • Introduction to Azure Security • Isolation in the Azure Public Cloud We hope you enjoy and make sure to leave your feedback in the…


Book Signing Session at Ignite

I’m pleased to announce that my great friend Tom Shinder and I are going to be at Ignite next month in Atlanta, we are working with OMS Security Product Team to deliver a very cool OMS Security presentation (to be announced soon). Also, in partnership with Microsoft Press, we will have a book signing session (date and time…