Olivia
Online
Alex Verboon
@alexverboon
CTO Principal Cyber Security Consultant at @BaseVISION | building cyber defenses to protect the enterprise | Microsoft security MVP | Host of
Switzerland
Joined February 2009
2.7K Following
2.9K Followers
4.9K Posts
Pinned Tweet
🛡️The Defender Resource Hub Fall 2025 Update is here! https://t.co/QokLjM0xul
New content from Microsoft, MVPs & the community. blogs, tools & references all in one place.
#Defender #Security #MicrosoftSecurity #DefenderXDR #MicrosoftSentinel #mvpbuzz #DefenderResourceHub
Microsoft NetMeeting was WAY more important than you think https://t.co/sCkwWQmApu via @YouTube
New #KQL query added for PIM security alerts. PIM security alerts can be used to identify policy violation/change.
The alerts focus on identity governance, but can be a useful enrichment for your security team.
https://t.co/Kw2kufdHPX
As response to CVE‑2026‑41615 (Microsoft Authenticator Vulnerability) Microsoft started surfacing the used Microsoft Authenticator App versions in the Microsoft Entra Sign-In Logs.
Quick post with a KQL query to identify users with vulnerable versions: https://t.co/gVLlZ7NX9U
Who to follow
Gerry Hampson
@GerryHampson
Senior Consultant, Ergo Group. Microsoft MVP in Enterprise Client Management. Specialist in Microsoft implementations.
Joe Stocker 
@ITguySoCal
Christian Family Man, CEO of Patriot Consulting (Microsoft Security Partner) Author of "Securing Microsoft 365" Microsoft MVP (Security) (2020-2026)
Thomas Naunheim
@Thomas_Live
#MicrosoftMVP | Cyber Security Architect 🛡️| #MicrosoftEntra 🔑 + #Azure ☁️ | #Schaengel
Just released my first community tool in public preview 🎉
EAM‑AutoUpdater helps automate Intune EAM app updates & reduce manual effort.
Try it & share feedback 👇
https://t.co/bS8hP6ZK0d
#Intune #EnterpriseApplicationManagement #PowerShell
Join me at KustoCon 2026 (In-person Zürich) https://t.co/YnyGpr7B3g #KQL
Check out my blog post "Mastering (Orphan) API Connections in Microsoft Sentinel Playbooks" in which I demonstrate how to manage the API connections of your Microsoft Sentinel Playbooks and identify orphaned ones.
https://t.co/wcFcxa1glH
#microsoftsentinel #LogicApps #IaC
Intune 2603 finally fixes RBAC scope tag pain with Scoped Permissions.
I took a deep dive into how it works & which real‑world problems it solves 👇
https://t.co/y9fQhEaRWD
Unified Tenant Management with Nik Charlebois-Laprade - RunAsRadio https://t.co/u30z0ewRvm
NEW BLOG: [DxBP] Part 1 - Technical Detection Engineering Best Practices
🔗 Link: https://t.co/DrDwmb40J3
Part 1 covers:
🔹Ingestion delays
🔹How to handle different system languages
🔹Why case sensitivity matters
🔹Best practices for using join
And more best practices.
Three ways to run KQL on Microsoft Sentinel data lake: Interactive, Async, or Jobs | Microsoft Community Hub https://t.co/lFCVUTkPVL
@_0b1d1 PDF please 🙏
[New Blogpost] - Modern Security for Legacy Systems
- Defender for Endpoint on Windows 7
#DefenderXDR #DefenderforEndpoint #Windows7
https://t.co/bVyH6Xn8wN
![alexverboon's tweet photo. [New Blogpost] - Modern Security for Legacy Systems
- Defender for Endpoint on Windows 7
#DefenderXDR #DefenderforEndpoint #Windows7
https://t.co/bVyH6Xn8wN https://t.co/MUUEVnuh82](https://pbs.twimg.com/media/G7ARuMaWUAArjMr.jpg)
New blog post on Defender for Identity’s new Automatic Windows Event Auditing Configuration a powerful feature that ensures your domain controllers always log the right events for optimal detection.
https://t.co/rn46Oho3KU
#MicrosoftSecurity #DefenderForIdentity #mvpbuzz
Adopting Unified Custom Detections in Microsoft Sentinel via the Defende... https://t.co/sYmjq1iUk2
Disabling a user account during a security incident removes them from all Microsoft Teams. Private channel membership is not automatically restored. This #KQL query lists all private channels the user was removed from.
https://t.co/zM5SceGWv8
Time for your monthly dose of Kusto!
Kusto Insights - October Update is out: https://t.co/4pCzVU889S
In our latest TI Report, we investigate a malware campaign spreading via malicious game mods. Attackers use social engineering and the Stealit credential stealer to harvest sensitive data.
Learn: https://t.co/bsC5JoUY1u
#CyberSecurity #Malware #SOC #Stealit #SecurityAwareness
Following my appearance on @KqlCafe today (thank you for the invite!) here's a sample query that you can use (define the filtering logic) to get a file signature's status using both DeviceFileCertificate and FileProfile() to get the most complete picture.
https://t.co/u7Higt8rfa
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers