Peter Chen

Easily Manage Privileged Role Assignments in Microsoft Entra ID Using Audit Logs 🔸 Manage Privileged Role Assignments in Microsoft Entra ID 🔸 Audit and Monitoring for Role Assignments 🔸 Role Assignment Optimization https://t.co/uDQhZFYZbj

Zero Touch Enrollment of MDE on iOS/iPadOS devices managed by Intune 🔸 Zero Touch Enrollment of MDE on iOS/iPadOS 🔸Onboarding for Supervised and Unsupervised Devices https://t.co/936UENT0uf

Threat Hunter Playbook 🔸Windows knowledge library 🔸Pre-hunt data management 🔸Guided hunting for Windows 🔸Hunting using Jupyter Notebooks https://t.co/8WzL8HCkBq

Multi-Cloud Architecture for ISVs https://t.co/Z6Cc1oUuRZ

Project Copacetic (Copa) - Microsoft's Open-Source Image Security Tool 🔸Scan images for vulnerabilities 🔸Implement access control 🔸Monitor image changes 🔸Automate security processes https://t.co/Yqm0k6QNVR

Reducing Memory Consumption in scripts while using Exchange Online PowerShell V3 Module 🔸Do not load the help package 🔸Load only specific cmdlets which are required by a script 🔸Create a new PowerShell process for each new Exchange Online connection https://t.co/i9sJ4DcelC

Deprecation of legacy Microsoft LAPS - October 23, 2023 https://t.co/3BhlCkswDG

Delegate Azure role assignment management using conditions 🔸The ability to enable others to assign Azure roles but add restrictions on the roles they can assign and who they can assign roles to https://t.co/xb53pYx2Dd

Microsoft Defender for Endpoint streamlines device connectivity 🔸Simplified domain *.endpoint.security.microsoft.com 🔸Static Defender for Endpoint-dedicated IP ranges instead of URLs 🔸Support for Defender for Endpoint Azure service tags https://t.co/guMV5pUnTO

Learn about Event Tracing for Windows (ETW) logs 🔸ETW events helps to understanding what is happening under the hood of Windows devices https://t.co/ffGtxGFrFk

Microsoft Graph Activity Log (Public Preview) 🔸 Investigate API request activity (reads, writes, and deletes) https://t.co/SfFlqM1tiP

Azure Firewall Tips from the Field https://t.co/vUc7EtKcq0

Implementing Inbound SMTP DANE with DNSSEC for Exchange Online https://t.co/WLHYtgaOGS

Active Directory Hardening – Disabling NTLMv1 https://t.co/up1hVcY45g

Query Azure Resource Graph from Sentinel or Azure Monitor 🔸Combine Azure Resource Graph tables with a Log Analytics workspace 🔸Create an alert based on a cross-service query 🔸Use arg("").<Azure-Resource-Graph-table-name> https://t.co/H4E2b0uraf

Microsoft Defender Endpoint (MDE) for SAP Applications on Windows Server https://t.co/kcXKNAPtad

Migrate Windows Autopilot devices between tenants https://t.co/69L9fzySc2

Azure Monitor Logs table reference Great reference for anyone that creates Sentinel Analytics Rules or Hunting queries. 🔸reference organized by resource type 🔸reference organized by category https://t.co/vFgrEv9Y49