Not a bad day. Just the Internet.

#MXDR #Tarlogic #incidentresponse

Marty and Doc would be proud...

#MXDR #Tarlogic #Cybersecurity

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐄𝐱𝐩𝐞𝐫𝐭𝐬’ 𝐫𝐞𝐜𝐨𝐦𝐦𝐞𝐧𝐝𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐢𝐦𝐩𝐚𝐜𝐭𝐟𝐮𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐨𝐬𝐭𝐮𝐫𝐞 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.

While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.

Top Configuration Recommendations:

Defender for Office 365

➡ Restrict user ability to release emails from quarantine

Defender for Endpoint

➡Enable tamper protection

➡Enable network protection in block mode

➡Block untrusted and unsigned processes that run from USB

➡Block JavaScript or VBScript from launching downloaded executable content

➡Block executable content from email client and webmail

Entra ID

➡Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID

➡Require MFA for self-service password reset (SSPR)

Defender for Identity

➡Set a honeytoken account

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-recommendations-for-impactful-security-posture/ba-p/4040147

#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception

I’s critical that you not only have your environments well protected using #ZeroTrust principles leveraging advanced security technologies but also have the expertise available to them to fully triage events and respond to incidents 24x7 a week🛡️ #MXDR

https://www.microsoft.com/en-us/security/blog/2023/07/10/meet-unprecedented-security-challenges-by-leveraging-mxdr-services/?utm_content=buffer21e2a&utm_medium=social&utm_source=bufferapp.com&utm_campaign=buffer

Next week at #RSAC you'll probably hear about MXDR quite a bit in the expo trenches. Did you know through MISA we already partner with 36 experienced, capable, and verified Managed XDR Solution providers?

https://rodtrent.com/kqw

#MISA #Cybersecurity #MicrosoftSecurity #Security #MXDR #RSAC2023