ᴍɪᴄʜᴀʟɪs ᴍɪᴄʜᴀʟᴏs
cyb3rmik3.bsky.social
SecOps, DFIR & CTI 🛡 | Microsoft Security #MVP, #KQL Threat Hunting 🏹 | Father 👭/Husband 👫/🍷&⌚️ enthusiast/Explorer ✈️ | Views my own | blog michalos.net
Iterations with @microsoft.com Security Product Groups for this achievement have turned into insightful engagements of the features to come in both Sentinel SIEM and the XDR space 🤓

🔗 www.credly.com/badges/b6a23...

#MicrosoftCommunity #MicrosoftSecurity
Microsoft Community Advocate - 2025 was issued by Microsoft Security to Michail Michalos.
The Microsoft Community Advocate badge is awarded to members of the Customer Connection Program who participate in community engagements and provide feedback to help guide the direction of a product o...
www.credly.com
November 14, 2025 at 6:44 PM
It seems like for the last 24 hours, "𝐆𝐫𝐚𝐩𝐡" has become the new "𝐀𝐈", it's everywhere! 😯

Today's Defender XDR October news includes the announcement for public preview in Advanced Hunting of the 𝐡𝐮𝐧𝐭𝐢𝐧𝐠 𝐠𝐫𝐚𝐩𝐡.

🔗 techcommunity.microsoft.com/blog/microso...

#MicrosoftSecurity #MicrosoftDefender
Monthly news - October 2025 | Microsoft Community Hub
Microsoft Defender Monthly news - October 2025 Edition. This is our monthly "What's new" blog post, summarizing product updates and various new assets we...
techcommunity.microsoft.com
October 1, 2025 at 1:46 PM
𝐊𝐞𝐞𝐩𝐢𝐧𝐠 𝐩𝐫𝐢𝐯𝐚𝐜𝐲 𝐰𝐡𝐞𝐧 𝐫𝐮𝐧𝐧𝐢𝐧𝐠 𝐪𝐮𝐞𝐫𝐢𝐞𝐬: 𝐡𝐨𝐰 𝐭𝐨 𝐨𝐛𝐟𝐮𝐬𝐜𝐚𝐭𝐞 𝐲𝐨𝐮𝐫 𝐊𝐐𝐋 𝐫𝐞𝐬𝐮𝐥𝐭𝐬

Sharing your screen with results on a call and removing a column from your project operator seems too easy?

🔗 Blog post: www.michalos.net/2025/09/19/k...

#MicrosoftSecurity #KustoQuery
Keeping privacy when running queries: how to obfuscate your KQL results
Introduction While KQL empowers Log Analytics and Advanced Hunting users to extract critical insights from relevant data sets, they are often met with requirements dictating results sharing. It is …
www.michalos.net
September 19, 2025 at 5:25 PM
Here's your Microsoft Defender weekend reads:

📰 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐗𝐃𝐑 𝐒𝐞𝐩𝐭𝐞𝐦𝐛𝐞𝐫 𝐌𝐨𝐧𝐭𝐡𝐥𝐲 𝐍𝐞𝐰𝐬 came with some awesome new features.
🔗 techcommunity.microsoft.com/blog/microso...

📰 Also, don't forget 𝐊𝐮𝐬𝐭𝐨 𝐈𝐧𝐬𝐢𝐠𝐡𝐭𝐬 by @ugurkoc.de and @bertjancyber.bsky.social.

🔗 kustoinsights.substack.com/p/kusto-insi...
Monthly news - September 2025 | Microsoft Community Hub
Microsoft Defender Monthly news - September 2025 Edition. This is our monthly "What's new" blog post, summarizing product updates and various new assets we...
techcommunity.microsoft.com
September 13, 2025 at 4:19 PM
Reposted by ᴍɪᴄʜᴀʟɪs ᴍɪᴄʜᴀʟᴏs
🚨 Microsoft admins, are your conditional access policies weak?

😱 Fabian Bader shares some common bypasses in our latest https://Entra.Chat podcast episode!
August 29, 2025 at 11:39 PM
🏹 𝐍𝐞𝐰 #𝐊𝐐𝐋 𝐪𝐮𝐞𝐫𝐲!

➡️ 𝐅𝐞𝐭𝐜𝐡 𝐝𝐲𝐧𝐚𝐦𝐢𝐜 𝐚𝐧𝐝 𝐦𝐚𝐧𝐮𝐚𝐥 𝐭𝐚𝐠𝐬 𝐟𝐨𝐫 𝐚𝐜𝐭𝐢𝐯𝐞 𝐝𝐞𝐯𝐢𝐜𝐞𝐬
🔗 github.com/cyb3rmik3/KQ...

#MicrosoftSecurity #KustoQuery #KustoQueryLanguage #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR
August 29, 2025 at 7:46 AM
📢 New blog post 📢

𝐁𝐫𝐞𝐚𝐤𝐢𝐧𝐠 𝐝𝐨𝐰𝐧 𝐭𝐡𝐞 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐭𝐞𝐫𝐧𝐚𝐥 𝐀𝐭𝐭𝐚𝐜𝐤 𝐒𝐮𝐫𝐟𝐚𝐜𝐞 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 𝐨𝐩𝐩𝐨𝐫𝐭𝐮𝐧𝐢𝐭𝐢𝐞𝐬 𝐟𝐨𝐫 𝐪𝐮𝐞𝐫𝐢𝐞𝐬 𝐢𝐧 𝐀𝐝𝐯𝐚𝐧𝐜𝐞𝐝 𝐇𝐮𝐧𝐭𝐢𝐧𝐠 & 𝐋𝐨𝐠 𝐀𝐧𝐚𝐥𝐲𝐭𝐢𝐜𝐬 𝐖𝐨𝐫𝐤𝐬𝐩𝐚𝐜𝐞

www.michalos.net/2025/07/31/b...

#MicrosoftSecurity #MicrosoftSentinel #DefenderXDR #KustoQueryLanguage #EASM #MDEASM
Breaking down the Microsoft Defender External Attack Surface Management opportunities for queries in Advanced Hunting & Log Analytics Workspace
Following latest Microsoft Defender XDR July 2025 news, it was announced that Microsoft Defender External Attack Surface Management (MDEASM) can be integrated within the Exposure Management (XSPM) …
www.michalos.net
August 1, 2025 at 7:21 AM
That's me after owning the make-graph operator and building my first #KQL query for Exposure Management in Advanced Hunting.

More, coming soon.

#KustoQuery
July 29, 2025 at 6:59 PM
A well-spent Saturday morning, renewing Security Operations Analyst Associate Certification for one more year. It was a great chance to dive back into the SC-200 content, with a focus on Security Copilot and enhanced RBAC for Microsoft Sentinel and Log Analytics Workspace.

#MicrosoftSecurity
July 19, 2025 at 7:01 AM
Super excited to share that I've been renewed as a Microsoft MVP in Security for a second consecutive year! It's been an incredible journey of contribution, learning, and growth, connecting with amazing new friends and peers.

#MicrosoftMVP #MVPBuzz
July 10, 2025 at 4:23 PM
💡 Are you struggling to materialize an 𝐑𝐁𝐀𝐂 model for your 𝐔𝐧𝐢𝐟𝐢𝐞𝐝 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬 (Microsoft Sentinel + Defender XDR)? Well, you are not the only one out there...

[1/3]

#MicrosoftSecurity #MicrosoftDefender #MicrosoftSentinel #DefenderXDR
July 9, 2025 at 5:31 AM
There is a superpower here, if you use private links, you can't take advantage of Microsoft Defender EASM in your Log Analytics Workspace.

The new integration with Microsoft Security Exposure Management allows enriching the relevant tables with EASM data.

#MicrosoftSecurity #MicrosoftDefender
July 5, 2025 at 1:07 PM
𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐗𝐃𝐑 𝐉𝐮𝐥𝐲 𝐧𝐞𝐰𝐬 just landed with lots of interesting developments. One new feature that caught my eye: 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐭𝐞𝐫𝐧𝐚𝐥 𝐀𝐭𝐭𝐚𝐜𝐤 𝐒𝐮𝐫𝐟𝐚𝐜𝐞 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 (𝐌𝐃𝐄𝐀𝐒𝐌) integration with 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐄𝐱𝐩𝐨𝐬𝐮𝐫𝐞 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 (𝐌𝐒𝐄𝐌).

🔗 techcommunity.microsoft.com/blog/microso...
Monthly news - July 2025 | Microsoft Community Hub
Microsoft Defender XDR Monthly news - July 2025 Edition. This is our monthly "What's new" blog post, summarizing product updates and various new assets we...
techcommunity.microsoft.com
July 3, 2025 at 7:05 AM
I had the privilege yesterday to join the 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝟑𝟔𝟓 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 & 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐔𝐬𝐞𝐫 𝐆𝐫𝐨𝐮𝐩 (www.meetup.com/m365sandcug/) curated by @campbell.scot, William & @welkasworld.com and present:

"𝙎𝙝𝙚𝙙𝙙𝙞𝙣𝙜 𝙡𝙞𝙜𝙝𝙩 𝙩𝙤 𝙪𝙣𝙘𝙤𝙫𝙚𝙧𝙚𝙙 𝙫𝙪𝙡𝙣𝙚𝙧𝙖𝙗𝙞𝙡𝙞𝙩𝙞𝙚𝙨 𝙬𝙞𝙩𝙝 𝙩𝙝𝙚 𝘿𝙚𝙛𝙚𝙣𝙙𝙚𝙧 𝙑𝙪𝙡𝙣𝙚𝙧𝙖𝙗𝙞𝙡𝙞𝙩𝙮 𝙈𝙖𝙣𝙖𝙜𝙚𝙢𝙚𝙣𝙩 𝙖𝙙𝙙-𝙤𝙣"

[Part 1/3]
Microsoft 365 Security & Compliance User Group | Meetup
Welcome to the Microsoft 365 Security & Compliance User Group.  We are an online group with a passion for all things related to M365 Security & Compliance. It is our mission to let you all know what t...
www.meetup.com
June 26, 2025 at 11:04 AM
Reposted by ᴍɪᴄʜᴀʟɪs ᴍɪᴄʜᴀʟᴏs
Join us 25 June 18:00 UTC+1 for two stellar sessions

REGISTER: www.meetup.com/m365s...

@Cyb3rMik3 Exposing hidden threats with Defender Vulnerability Management

@janbakker_ Passkeys: Hype vs. Reality

$150+ of prizes thanks to @AppGovScore @PacktPublishing @Threatscape
June 2025 - M365 Security & Compliance User Group, Wed, Jun 25, 2025, 6:00 PM | Meetup
Hey everyone, hope you can join us for this user group. We will kick off with a rundown of the latest Microsoft security news, then have two awesome speaker sessions, endin
www.meetup.com
June 24, 2025 at 7:50 AM
📢 New blog post 📢

𝐈𝐧𝐬𝐢𝐠𝐡𝐭𝐬 𝐟𝐫𝐨𝐦 𝐭𝐡𝐞 𝐭𝐫𝐞𝐧𝐜𝐡𝐞𝐬: 𝐛𝐮𝐢𝐥𝐝𝐢𝐧𝐠 𝐚𝐮𝐝𝐢𝐭 𝐜𝐚𝐩𝐚𝐜𝐢𝐭𝐲 𝐟𝐨𝐫 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐒𝐞𝐧𝐭𝐢𝐧𝐞𝐥 & 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐗𝐃𝐑

🔗 Blog post: www.michalos.net/2025/06/20/i...

#MicrosoftSecurity #MicrosoftSentinel #DefenderXDR #KustoQuery #KustoQueryLanguage #Audit #Compliance
June 20, 2025 at 3:33 PM
I'm thrilled to be joining an amazing group of friends and peers for a full day of community-driven discussions and learning around #KQL at KustoCon 2025, taking place on November 6th in Zurich!

(1/2)

#KustoCon #KustoQuery #MicrosoftSecurity #MicrosoftSecurityCommunity
Registration | KustoCon
kustocon.com
June 5, 2025 at 8:37 AM
📢 Rich text for case management just arrived!

Following the recent announcement of Case Management in #Microsoft Sentinel, rich text has now been announced allowing analysts working in cases with content that is clear, organized & effective

More info:
🔗 techcommunity.microsoft.com/blog/microso...
Announcing Rich Text for Case Management | Microsoft Community Hub
We are excited to announce the public preview of Rich Text for Case Management. Clear and effective communication is critical for making fast and accurate...
techcommunity.microsoft.com
April 25, 2025 at 8:12 PM
Further information has been published with regard to the newest additions in the 𝐀𝐝𝐯𝐚𝐧𝐜𝐞𝐝 𝐇𝐮𝐧𝐭𝐢𝐧𝐠 schema and 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐓𝐞𝐚𝐦𝐬 oversight. Specifically, 3 new tables have been introduced: 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐄𝐯𝐞𝐧𝐭𝐬, 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐏𝐨𝐬𝐭𝐃𝐞𝐥𝐢𝐯𝐞𝐫𝐲𝐄𝐯𝐞𝐧𝐭𝐬 and 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐔𝐫𝐥𝐈𝐧𝐟𝐨.

🔗 learn.microsoft.com/defender-xdr...

#KQL
April 24, 2025 at 5:34 AM
The chair of Theodoros Kolokotronis, a natural rocky seat where the great General oversaw the battlefield of Tripolitsa. From this very spot, he planned his strategy and sparked the Greek Revolution of 1821

#Peloponnese #Arcadia #Tripolis #EtInArcadiaEgo
April 19, 2025 at 10:06 AM
Great automation and use of Security #Copilot to stay current for Vulnerabilities in your environment.

Oh, the irony of the timing this blog was posted.

#SecurityCopilot #MicrosoftSecurity

🔗 techcommunity.microsoft.com/blog/securit...
Using Security Copilot to Proactively Identify and Prioritize Vulnerabilities | Microsoft Community Hub
Introduction: There are many different approaches when it comes to prioritizing the vulnerabilities which need addressing with urgency. Any...
techcommunity.microsoft.com
April 16, 2025 at 7:24 PM
New MessageEvents table is cooking in advanced hunting for Teams messages.

Looking forward to exploring this new data source and building some #KQL queries 🧐

learn.microsoft.com/en-us/defend...
MessageEvents table in the advanced hunting schema - Microsoft Defender XDR
Learn about the MessageEvents table in the advanced hunting schema which contains details about messages sent and received within your organization at the time of delivery
learn.microsoft.com
April 11, 2025 at 8:00 PM