Additional Microsoft Cloud Data Sets for Enhanced Security Visibility
Offered By: SANS via YouTube
Course Description
Overview
Explore additional Microsoft cloud data sets that are often overlooked but crucial for enhanced security in this 35-minute SANS DFIR Summit 2024 talk. Delve into the limitations of standard logging for Microsoft Entra ID and O365, and discover how tools like GraphRunner exploit the Microsoft Graph API. Learn about the challenges posed by simplified post-exploitation techniques and the importance of expanded data visibility. Gain insights into detecting suspicious activities, designing effective hunts, and leveraging underutilized data sets to combat sophisticated adversaries. Walk away with a deeper understanding of GraphRunner's capabilities, awareness of advanced Graph API logging options, and strategies for creating targeted detections to identify and mitigate potential threats in your Microsoft cloud environment.
Syllabus
Additional Microsoft Cloud Data Sets You May Not Be Looking At But Probably Should
Taught by
SANS Digital Forensics and Incident Response
Related Courses
Architecting Microsoft Azure SolutionsMicrosoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera