Category: Microsoft Security

Microsoft Entra Backup and Recovery: A Practitioner’s Guide to What it Does and Does Not Solve
On 19 March 2026, Microsoft quietly released one of the most requested enterprise identity features to Public Preview: a native, platform-managed backup and point-in-time recovery capability for Entra ID tenant configuration. No big announcement, no Message Centre notification. Just a new blade in the Entra admin centre. This post cuts through the surface-level excitement, maps…

Entra Tenant Governance: How It Works in Practice
Entra Tenant Governance extends UTCM into a multi-tenant governance model, adding tenant discovery, governance relationships and policy templates on top of Microsoft’s native monitoring and snapshot engine. This post breaks down how it works mechanically, what each licensing tier unlocks, where the control-plane risks sit, and when native governance makes sense versus third-party tooling.

Step-by-Step: Build a Copilot Agent for Smarter Intune Alerts in 15 Minutes
Every IT professional knows the struggle: an Intune notification pings with a vague error code or cryptic alert about a device compliance issue, failed update, or potential security threat. You’re left scratching your head, wondering, “What does this even mean?” These unclear messages can bury critical issues, like non-compliant devices or malware risks, in a…

Microsoft Dumps OTP Authentication for SharePoint Online Sharing with Entra ID B2B
Microsoft is phasing out One-Time Passcode (OTP) authentication for SharePoint Online and OneDrive external sharing, replacing it with Entra ID B2B Collaboration, effective July 1, 2025 (MC1089315). Legacy OTP links will stop working, requiring users to re-share content to restore access for external collaborators, who must also register for mandatory MFA. Prepare now by notifying…

AI Governance in 2025: Protecting Against Data Exfiltration
As Artificial Intelligence (AI) transforms industries with unparalleled innovation, it also brings serious security risks like data leaks and malicious attacks. A staggering 57% of organisations report rising AI-related incidents, yet 60% lack basic controls. This blog explores the top AI threats, including data exfiltration and malicious prompt injection, and outlines a Zero Trust framework…

How to Enhance Microsoft 365 Auditing: Beyond the Unified Audit Log
Discover how to strengthen your Microsoft 365 auditing strategy in this practical guide. Learn the strengths and limitations of the Unified Audit Log (UAL) and explore actionable steps to go beyond its basics—using Audit (Premium), SIEM integration, PowerShell automation, and more. Perfect for IT professionals aiming to boost security and compliance with advanced auditing techniques.…

Securing Windows Recall: A Guide to Enterprise Management and NIS2 Alignment
Discover Windows Recall, the AI-powered Windows 11 feature sparking security debates. Learn about its rocky start, the April 2025 updates addressing privacy concerns, and critical risks for CISOs. Get a step-by-step guide to manage it with Intune and ensure NIS2 compliance. Is your enterprise ready to balance innovation with data protection? Read more!

Implementing Microsoft Defender for Cloud: Mastering Server Protection with Defender for Servers
Discover how to implement Microsoft Defender for Cloud’s dedicated Defender for Servers plan to secure your server workloads across on-premises, hybrid, and multi-cloud environments. This guide explains why Defender for Cloud is the superior choice over Defender for Endpoint for server security, offering advanced threat detection, compliance monitoring, and streamlined management. Follow our step-by-step instructions…

Mastering Microsoft Sentinel: 25 KQL Queries for Powerful Threat Detection
Unlock the power of Microsoft Sentinel with this comprehensive guide featuring 25 essential KQL queries for potent threat detection. In this post, you’ll discover expertly crafted queries designed to identify a range of adversary tactics—from password spraying and suspicious PowerShell executions to unusual login patterns and obfuscated scripts. Whether you’re looking to refine your current…

Maximising Security and Performance with Microsoft Defender Antivirus and Intel TDT
In an era where sophisticated cyber threats and performance demands converge, Microsoft Defender Antivirus (MDAV) rises to the challenge with advanced hardware acceleration. By integrating Intel Threat Detection Technology (TDT), MDAV enhances endpoint protection while maintaining efficiency. Features like Accelerated Memory Scanning and Cryptojacking Detection offload resource-intensive tasks to the GPU, ensuring robust security without…
