Core Infrastructure and Security Blog | Microsoft Community Hub

Latest Blog Articles

3 MIN READ

Best Practices for Investigating Phishing Incidents in Microsoft Defender for Office 365

Discover best practices for investigating phishing incidents with Microsoft Defender for Office 365. Learn how to use the Incidents tab, analyze threats, and accelerate response with Security Copilot...

EunjiGil Core Infrastructure and Security Blog

Jun 20, 2025

Defender XDR

Eunji Gil

Incident investigation

MDO

microsoft defender for office 365

1.5KViews

1like

0Comments

37 MIN READ

Introduction to Network Trace Analysis 06: Kerberos it’s AUTH-some!

New to the series? Be sure to check out the previous posts! Introduction to Network Trace Analysis Part 0: Laying the Groundwork Introduction to Network Trace Analysis Part 1: Asking Que...

WillAftring Core Infrastructure and Security Blog

1.3KViews

2likes

1Comment

9 MIN READ

Check This Out! (CTO!) Guide (May 2025)

Hi everyone! Tyson Paul here with this month’s “Check This Out!” (CTO!) guide. Our goal with these posts is to guide you toward content that piques your interest, whether it's for learning, trouble...

TysonPaul Core Infrastructure and Security Blog

Jun 10, 2025

tysonpaul

221Views

1like

0Comments

6 MIN READ

Understanding Device Control for macOS in Defender for Endpoint

Step-by-step implementation guide Requirements for Implementing Device Control: Defender for Endpoint or Defender for Business licenses (can be a trial subscription) Minimum OS version: macOS...

edgarus71 Core Infrastructure and Security Blog

Jun 09, 2025

Defender for Endpoint

Device control

546Views

4likes

2Comments

5 MIN READ

Protect Tier 1. Sleep well at Night.

In case you have not yet protected Tier 0, consider reviewing our article about protecting Tier 0 the modern way. Tier 1 is more difficult to outline as there are typically different security ...

DagmarHeidecker Core Infrastructure and Security Blog

May 29, 2025

active direcory

Active Directory (AD)

DagmarHeidecker

JIT

Just in Time (JIT)

2.6KViews

1like

2Comments

7 MIN READ

Demystifying Anomaly Detection in Microsoft Sentinel using KQL

In this article, we break down the math behind anomaly detection, explain it in simple terms, and walk through practical use cases using sample data such as user login attempts and firewall logs. U...

Kausd Core Infrastructure and Security Blog

May 27, 2025

Anomaly Detection in Microsoft Sentinel Using KQL

Anomaly detection Microsoft Sentinel

1.1KViews

2likes

0Comments

4 MIN READ

Sentinel-Threat Intelligence Feeds Integration to strengthen Threat Detection & Proactive Hunting.

Combining threat intelligence feeds is important for detecting threats and identifying Indicators of Compromise (IOCs) in various scenarios. Here are some key situations where this approach is advant...

SantoshPargi Core Infrastructure and Security Blog

831Views

1like

0Comments

7 MIN READ

Migrating BitLocker Recovery Key Management from ConfigMgr to Intune: A Practical Guide

Hi, I'm Herbert Fuchs, a Cloud Solution Architect. In this blog, I’ll guide you through migrating existing BitLocker recovery keys from Configuration Manager to Intune—especially for scenarios involv...

ms-foxworks Core Infrastructure and Security Blog

2.2KViews

3likes

0Comments

4 MIN READ

Sentinel Notebook: Guided Hunting - Domain Generation Algorithm (DGA) Detection

Overview This notebook, titled “Guided Hunting - Domain Generation Algorithm (DGA) Detection”, provides a framework for investigating anomalous network activity by identifying domains generated by ...

jaredgraff Core Infrastructure and Security Blog

853Views

2likes

0Comments