XDR 'Cross-Domain' Attack Sim w/ Microsoft 365 Defender (SMB Recon, C2,Shellcode Injection)

preview_player
Показать описание
You just enabled Microsoft's XDR solution: Microsoft 365 Defender. Now what do you do? It's time to run some attack simulations...

Table of Contents:
00:00:00 Intro
00:00:21 Lab Setup
00:01:23 Running the Attack
00:02:16 XDR Incident Creation
00:02:40 Auto Investigation
00:03:25 Understanding the attack
00:04:18 Try it!
  1. Matt Soseman
  2. xdr
  3. extended detection and response
  4. microsoft 365 defender
  5. attack simulation
Рекомендации по теме
XDR 'Cross-Domain' Attack 0:04:53

XDR 'Cross-Domain' Attack Sim w/ Microsoft 365 Defender (SMB Recon, C2,Shellcode Injection...

[Webinar] - Microsoft 1:28:30

[Webinar] - Microsoft 365 Defender: Stop attacks with automated cross-domain (XDR) security

Threat hunting with 0:04:32

Threat hunting with Microsoft 365 Defender

Automate threat detection 0:18:14

Automate threat detection and response with Azure Sentinel and Microsoft 365 Defender

Enable XDR in 0:02:25

Enable XDR in Minutes...(Microsoft 365 Defender)

Barracuda XDR Cloud 0:03:37

Barracuda XDR Cloud Security Threat Simulation: Impossible Travel

MICROSOFT DEFENDER FOR 0:18:03

MICROSOFT DEFENDER FOR ENDPOINT-ATTACK SIMULATION SCENARIO-POWERSHELL SCRIPT IN FILELESS ATTACK

Microsoft Defender course/training: 2:10:03

Microsoft Defender course/training: Learn how to use Microsoft Defender

Discover Microsoft 365's 0:56:22

Discover Microsoft 365's Defender Suite with Microsoft

Microsoft 365 Defender 0:38:08

Microsoft 365 Defender Webinar: The story behind eSentire MDR with Microsoft 365 Defender

Azure Defender for 0:06:50

Azure Defender for IoT Ep 12: Risk Assessment

What is Microsoft 0:15:26

What is Microsoft Defender XDR?

Microsoft Defender for 0:00:47

Microsoft Defender for Office 365 Plan 2

Portal Redirection in 0:01:59

Portal Redirection in Microsoft 365 XDR

Cross-Domain Access Control 0:01:00

Cross-Domain Access Control Encryption: Arbitrary-Policy, Constant-Size, Efficient

Deploy Office 365 0:13:04

Deploy Office 365 ATP Configurations in 30 Seconds

Mastering Configuration in 0:05:33

Mastering Configuration in Microsoft Defender for Office 365

Cloudy with a 0:44:39

Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild

Breaking the Attack 0:26:16

Breaking the Attack Graph: How to Leverage Graphs to Strengthen Security in a Domain Environment

Microsoft Defender Training 0:15:40

Microsoft Defender Training Series Part 5: New unified Security Portal

An alternative approach 0:05:51

An alternative approach to secops

Offensive Ops In 0:58:55

Offensive Ops In macOS Environments - by Cedric Owens

Using SIEM to 0:49:53

Using SIEM to Improve Threat Detection and Response | Ingram Micro Cyber Security

FREE Course for 0:34:30

FREE Course for SC 900 Microsoft Security Fundamentals. Part 3

Комментарии
Автор

While the shades and cap look great and slick!
That Surface Hub looks fun :) Hope you enjoy

andrewmccallum
Автор

Great overview Matt, thanks - really like the way you've picked up the starter pointers / then run through the pro's con's / I'll follow thru the follow up videos / thanks!

andrewmccallum
welcome to shbcf.ru