June 11, 2020

Microsoft Defender ATP Telemetry: Workbook Visualizations (Part 3)

Part 3 of series: Prioritizing Microsoft Defender ATP endpoint alert telemetry with MITRE ATT&CK.

June 11, 2020

Microsoft Defender ATP Telemetry: Azure Log Analytics Workspace (Part 2)

This post demonstrates how to pull DATP data into Azure Log Analytics workspaces using a Logic App.

June 11, 2020

Microsoft Defender ATP Telemetry: Viewing MITRE ATT&CK Context (Part 1)

This post helps prioritize efforts based on alert information you're already receiving from Microsoft Defender ATP.

April 24, 2020

COVID-19: From the Mindset of the Attacker

We’ve seen lots of COVID-19-related work-from-home tips, but how has it affected the attacker?

March 31, 2020

Defending Container Compromise

This container compromise scenario is difficult, but very plausible.

March 24, 2020

Container Compromise to IaaS Recon

Is a container breakout to access the Kubernetes node possible? How might it work?

January 21, 2020

Registry Risks

Part 4 in the Gaining Visibility into NIST SP 800-190 series explores Registry Risks and Registry Countermeasures.

January 06, 2020

Image Risks

Part Three of our series explores what native AWS tools and third-party solutions are available to address the risks identified in the NIST SP 800-190...

January 02, 2020

Extending the Hybrid Cloud Lab

Part 2 in the Gaining Visibility into NIST SP 800-190 series is designed for security practitioners and others starting down the path of understanding...
