YoVDO

Additional Microsoft Cloud Data Sets for Enhanced Security Visibility

Offered By: SANS via YouTube

Tags

Microsoft Entra ID Courses PowerShell Courses OAuth Courses Azure Active Directory Courses Cloud Security Courses Log Management Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore additional Microsoft cloud data sets that are often overlooked but crucial for enhanced security in this 35-minute SANS DFIR Summit 2024 talk. Delve into the limitations of standard logging for Microsoft Entra ID and O365, and discover how tools like GraphRunner exploit the Microsoft Graph API. Learn about the challenges posed by simplified post-exploitation techniques and the importance of expanded data visibility. Gain insights into detecting suspicious activities, designing effective hunts, and leveraging underutilized data sets to combat sophisticated adversaries. Walk away with a deeper understanding of GraphRunner's capabilities, awareness of advanced Graph API logging options, and strategies for creating targeted detections to identify and mitigate potential threats in your Microsoft cloud environment.

Syllabus

Additional Microsoft Cloud Data Sets You May Not Be Looking At But Probably Should


Taught by

SANS Digital Forensics and Incident Response

Related Courses

Architecting Microsoft Azure Solutions
Microsoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera