M365 Log-Size Calculation for Sentinel

Sentinel Log-Size M365 Banner

Microsoft Sentinel is ideal for extending the functions of Microsoft Defender XDR and other Defender products. I have already explained this in more detail in the blog entry https://www.graber.cloud/microsoft-sentinel-for-microsoft-365-a-must-have/. But what does Microsoft Sentinel for Microsoft 365 actually cost? There is no clear answer to this question, which is due to the difficulty of calculating the M365 log size for Microsoft Sentinel. This blog deals with precisely this question. It is intended to serve as a guide for cost estimation and shed some light on the darkness of log size and Sentinel costs. M365 Log-Size Calculation for Sentinel - a guide to cost estimation.

Microsoft Sentinel for Microsoft 365 – a must have!

Microsoft Sentinel is a cloud-native SIEM and SOAR solution. Microsoft 365 offers integrated security functions for Azure Active Directory (Entra), Microsoft Defender for Office 365, Microsoft Defender for Endpoint and Microsoft Cloud App Security. However, these features do not cover all possible attack vectors and vulnerabilities that hackers could exploit. In this blog post, I explore how Microsoft Sentinel extends the capabilities of Microsoft Defender XDR (and other Defender products).

Defender for Servers without Azure Arc

Header for Blogpost "Defender for Cloud without Azure Arc

If you want to protect your servers from cyber threats, you may be relying on Defender for Servers from Microsoft, a leader in the Gartner Magic Quadrant. Microsoft has now announced the direct onboarding of Defender for Servers without Azure Arc and is now officially available. Direct onboarding is a new feature that allows you to add the servers you want to protect to Defender for Servers without needing Azure Arc for Servers. In this blog post, I'll explain what this means, the benefits of this option, and who can benefit from it. I will also compare the new option with Azure Arc for Servers.

Protecting AAD identities with the right MFA method

It's no secret: cyberattacks are becoming more frequent and more sophisticated. But even the simplest techniques often lead the attackers to success. After all, the weakest link in the defense against cyber attacks is the human being. In this post, I show how you can protect Azure Active Directory (AAD) identities with the right MFA method without neglecting the human factor. Not only is the security aspect important to consider, but also user acceptance.

Azure AD Connect Cloud Sync Announcement

AADC Cloud Sync Announcement Banner

Azure AD Connect (AADC) is an identity synchronization tool from Microsoft, responsible for synchronizing identity data from the local directory service to Azure Active Directory (AAD). Microsoft is announcing that the Azure AD Connect identity synchronization tool is giving way to a successor and will likely be retired in the future. Microsoft's announcement states that the successor, Azure AD Connect Cloud Sync, will take over completely.

Azure Files and Kerberos Support - A Cloud Story

AZ Files and Kerberos - Header

Back in 2021, Kerberos support for Azure AD was available as a preview. A lot has happened since then and the three-headed hellhound continues to make its way and shake up the cloud. This article is a collection of information on what Azure AD with Kerberos and Azure Files already provides and where the journey will go. This is because support for Azure Files with Kerberos has also recently been publicly communicated, although at the time of writing this article it is still in preview.

Application Gateway WAF v2 Custom Rules

Header - AppGW WAF v2 Custom Rules

The Application Gateway WAF v2 has brought some new features compared to v1, including the ability to create "WAF Custom Rules". In this short article I would like to discuss these "Custom Rules" and show how you can successfully create them. I have added some hints to the article that are difficult or impossible to find in the Microsoft documentation.

en_GBEnglish