Leveraging Microsoft Defender for Identity
Рет қаралды 14,176
Күн бұрынUsing Defender for Identity to detect and respond to attacks again my on-premises Active Directory environment and understanding its full capabilities and integration with the larger Defender XDR.
🔎 Looking for content on a particular topic? Search the channel. If I have something it will be there!
▬▬▬▬▬▬ C H A P T E R S ⏰ ▬▬▬▬▬▬
00:00 - Introduction
00:40 - Protection for cloud identity and apps
03:19 - On-premises identity
05:21 - Bringing signals together and ITDR
06:39 - ITDR in Defender
08:40 - Defender for Identity capabilities
09:56 - Example incidents and alerts
13:42 - Defender for Identity sensor deployment
16:06 - Sensor updating
16:49 - Sensor behavior
17:47 - Hunting on login activity
19:16 - Signals inspected by Defender for Identity
21:23 - Licensing
22:36 - Summary and next steps
23:43 - Close
▬▬▬▬▬▬ K E Y L I N K S 🔗 ▬▬▬▬▬▬
► Whiteboard:
🔗 github.com/johnthebrit/Random...
► List of alerts for MDI:
🔗 learn.microsoft.com/defender-...
► Licensing:
🔗 learn.microsoft.com/defender-...
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
📖 Recommended Learning Path for Azure
🔗 learn.onboardtoazure.com
🥇 Certification Content Repository
🔗 github.com/johnthebrit/Certif...
📅 Weekly Azure Update
🔗 • Azure Infrastructure U...
☁ Azure Master Class
🔗 • Microsoft Azure Master...
⚙ DevOps Master Class
🔗 • DevOps Master Class
💻 PowerShell Master Class
🔗 • PowerShell Master Class
🎓 Certification Cram Videos
🔗 • Microsoft Certificatio...
🧠 Mentoring Content
🔗 • Virtual Mentoring
❔ Questions? Maybe I answered it in my FAQ
🔗 savilltech.com/faq
👕 Cure Childhood Cancer Charity T-Shirt Channel Store
🔗 johns-t-shirts-store.creator-...
👂 Enable the subtitles and from there you can translate to your native language via the auto-translate feature in settings! • KZbin Captions and A... for a demo of using this feature.
SUBSCRIBE ✅ / @ntfaqguy
#microsoft #azure #johnsavillstechnicaltraining
@NTFAQGuy 3 ай бұрын
In this video we explore bring signals in from our Active Directory into our complete Identity Threat Detection and Response solution! Please make sure to read the description for the chapters and key information about this video and others. ⚠ P L E A S E N O T E ⚠ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰 I don't discuss future content nor take requests for future content so please don't ask 😇 🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc. 👂 Translate the captions to your native language via the auto-translate feature in settings! kzbin.info/www/bejne/rGbFZmZjhcx4o6s for a demo of using this feature. Thanks for watching! 🤙
@AzureCloudCowboy 3 ай бұрын
Morning John . Awesome topic
@AP-wd5fn 3 ай бұрын
I thought I was pretty well versed in MDI but I had no idea they had added an Identities dashboard in the Defender portal for it! Very helpful info and some good data coming from that dashboard. Thanks as always John, your content never fails to inform.
@NTFAQGuy 3 ай бұрын
Great!
@laykside 3 ай бұрын
I've noticed the new dashboard: I was able to discover account that have been idle but enabled and account where passwords have been set not to expire. Great tool
@dsmonroe63 3 ай бұрын
Such a powerful tool and a no-brainer to enable. Great video!
@NTFAQGuy 3 ай бұрын
It really is!
@ZATennisFan 3 ай бұрын
The Tshirt is aging you John 🤣🤣
@NTFAQGuy 3 ай бұрын
I think many other things age me :-D
@frankeccles5531 3 ай бұрын
Thank you straight talking and very informative love your videos now understand this a lot better.
@NTFAQGuy 3 ай бұрын
Excellent!
@markdriver8511 3 ай бұрын
Great as always thanks 🙂
@NTFAQGuy 3 ай бұрын
My pleasure!
@ronvansantvoort508 3 ай бұрын
Love the shirt
@ZATennisFan 3 ай бұрын
The key to this tool in many ways is setting up the AD auditing exactly as per the documentation. One of the first things I used it for was tracing and auditing group membership changes....
@recgou 3 ай бұрын
Indeed it was a pain, but it’s much easier now with the Powershell module.
@laykside 3 ай бұрын
Last year when setting this up was a pain, i ran into some issues but seeing that it now comes with the Powershell modules that's smooth.
@KenPatterson-vw9yj 3 ай бұрын
"Clark Kent" "Bruce Wayne" Name drop much? smh. har har. Thanks for the video, good work! :)
@wmercer7234 3 ай бұрын
Back in my day we used Novell Netware for Identity
@dirk43094 3 ай бұрын
Back in my day we didn't have FSMO. Thanks John!
@NTFAQGuy 3 ай бұрын
ROFL
@VirtualPackets 3 ай бұрын
Thanks again, great content as always.
@NTFAQGuy 3 ай бұрын
Appreciated!
Microsoft Security Community
Рет қаралды 1,7 М.
John Savill's Technical Training
Рет қаралды 9 М.
AI Samson
Рет қаралды 10 М.
John Savill's Technical Training
Рет қаралды 12 М.