The CloudnSec Podcast

In this episode of CloudnSec, join me as I break down the vital role Operating Systems (OS) play in our digital lives.

Let's thinkg about how the OS harmonizes the various components of your devices to ensure performance and resiliency.

We’ll explore different types of OS, with a focus on General-Purpose OS, and dive into the critical security measures that protect your system at the Kernel level.

Whether you're a tech enthusiast or a cybersecurity professional, this video provides essential insights into the backbone of modern computing.

Check out the images and more details in my blog post:

https://andrecamillo.medium.com/operating-systems-types-and-common-archetypes-8db81455e1ac

Sources:

https://www.geeksforgeeks.org/types-of-operating-systems/

https://www.javatpoint.com/types-of-operating-systems

https://superuser.com/questions/305626/what-are-the-different-types-of-os-general-purpose-os-rtos-etc

https://www.bbc.co.uk/bitesize/guides/zbfny4j/revision/5

SANS released their 2024 Security awareness report which includes a range of polls from professionals all around the world - more than 1000 participants over 70 countries according to them.Let's have a look at the main results. Make sure to access the source for all the details 👇

Find the full report here:

https://www.sans.org/mlp/ssa-2024-security-awareness-report/

Follow and leave a comment.

https://linktr.ee/andrecamillo

This is an amazing tool for Offensive security professionals - make sure to check it out. Check out GraphSpy's github: https://github.com/RedByte1337/GraphSpy And follow Keanu on Linkedin for updates: https://www.linkedin.com/in/keanunys/

Answer is... yes, but not at a master level! At least not in this game... Here's why.

According to major consultancies and some extrta reports, here are some of the trends for the field in 2024. SOme have already turned into reality whereas others not so much, let's have a look at some of them. Sources: https://www.gartner.com/en/newsroom/press-releases/2023-03-28-gartner-unveils-top-8-cybersecurity-predictions-for-2023-2024 https://www.isaca.org/resources/news-and-trends/industry-news/2023/track-these-7-trends-for-proactive-cybersecurity-in-2024 https://www.forbes.com/sites/forbestechcouncil/2023/12/26/eight-cybersecurity-trends-to-watch-for-2024/?sh=25ca76044111 https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/critical-scalability-trend-micro-security-predictions-for-2024 https://www.microsoft.com/en/security/security-insider/microsoft-digital-defense-report-2023/

Flavio has been a Network and Cyber security professional for the past decade supporting Enterprises in Brazil with Cisco technologies and more recently Fortinet - and has dedicated himself to CompTIA certifications over the last couple years. In this chat, we talk about his journey and thinking behind using these certification frameworks to become a better Cyber Security Consultant / Presenter and the many successes of this journey and how the work put into it has affected his professional and personal (mental) life. He's also very active in social media and maintains a number of projects (most content in Portuguese): YouTube Channel: https://www.youtube.com/@segdesc LinkedIn: https://linkedin.com/oflavioc Instagram: https://www.instagram.com/segdesc/ Hope you enjoy the chat! Let me know in the comments your thoughts about it!

This is part 2 of my conversation with Ahmed, in which he goes in details on the Azure Well-Architected Framework and shares tips on how to use it properly.

Find the Azure Well Architected Framework documentation here: https://learn.microsoft.com/en-us/azure/well-architected/

Follow Ahmed Muhi on Linkedin: https://www.linkedin.com/in/ahmedmuhi/

And his blog and work here: https://www.iamachs.com/

Leave a like, Subscribe to support (It's all FREE! 😉) !

Check out my other projects and follow me on Linkedin / Spotify / etc:

https://linktr.ee/acamillo

Microsoft Azure Well Architected Framework (WAF) is a cornerstone of good Cloud Design.

In this session, Ahmed - Cloud Network MVP - explains what is WAF , how it compares to Cloud Adoption Framework and discuss the main updates for 2024 with its revised format.

Find the Azure Well Architected Framework documentation here: https://learn.microsoft.com/en-us/azure/well-architected/

Follow Ahmed Muhi on Linkedin: https://www.linkedin.com/in/ahmedmuhi/

And his blog and work here: https://www.iamachs.com/

Leave a like, sub and all the shananigas to help out!

Follow me everywhere else: https://linktr.ee/acamillo

This is available in spotify and my podcast: Cloudnsec learning Podcast.

Leopold Aschenbrenner has dropped a 160+ pages long document around his thoughts on the future of AI, and how much involvement the government should have in it. Fascinating thoughts, and parallels drawn with last century's biggest military project: the atomic bomb. A must read document for everyone, In this video I go over his thoughts that are related to the security of it all - and they are plenty! Relax, sit back, get your cup of coffee and reflect on his thoughts alongside me. Find the paper here: https://situational-awareness.ai/ Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

In late February 2024, NIST released the much anticipated (by cyber nerds, of course) Cyber Security Framework (CSF) 2.0. Some major changes are included, most notably the addition of a new Function with its categories. I've invited for this chat, Kelly Hood a Cyber Security Engineer from Optic Cyber Solutions (https://www.youtube.com/@OpticCyberwho's) been digesting the new framework and creating great content and commentary around the changes lately. Amongst the changes, the way NIST proposes the use of Profiles is something worth keeping an eye on. Check out our conversation about the subject which even tips into how AI should be part of organizations' plans... All the documents related to the newly released documents: https://www.nist.gov/cyberframework Images sourced from: NIST CSF 2.0: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf NIST CSF 2.0 Profiles: https://www.nist.gov/profiles-0 Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Impact, may be measured both subjectively and objectively - which (I learned, is) a true intersubjective concept. In Cyber security and Education impact can mean something as simple as conveying a message clearly. Describing complex themes in cyber security through images is a great way to do so and it's what Richard Diver, my interviewee for this episode does, brilliantly with his series: "Drawing Cyber Security" and a lot more. In the video we dicuss how he decided to start such articles, and his career has led him to most recently AI security, which he's recently released a book about, called "Guardians of AI: Building innovation with safety and security": https://www.amazon.com/Guardians-AI-Building-innovation-security/dp/B0D2TRVK33 In his own words: "Richard Diver is your guide through the intricate world of AI safety and security. With a career spanning 29 years in technology, Richard has experience in many roles, from support and engineering to architecture, consulting, sales, and now marketing and story design. His deep technical expertise in Microsoft Security, Compliance, and Identity (SCI) has been honed through experiences across multiple industries and collaborations with some of the world’s largest organizations, governments, and military customers. Not just a tech wizard, Richard is a storyteller. Dive into his world and discover the insights he has to offer." Linkedin: https://www.linkedin.com/in/rdiver/ His Books: https://www.amazon.com/stores/Richard-Diver/author/B075PGD64J?ref=ap_rdr&isDramIntegrated=true&shoppingPortalEnabled=true Modern SOC architecture article: https://www.linkedin.com/pulse/11-modern-soc-architecture-richard-diver/?trackingId=hWyfvr1BQ46MtmYhxzVaNQ%3D%3D Developer Security article: https://www.linkedin.com/pulse/12-developer-security-richard-diver/?trackingId=e9QkwCUKQ4aMp0g2eIm%2FpQ%3D%3D Leave a like, Subscribe to support - It's all free and made with passion! Check out my other projects and follow me on Linkedin / Spotify / etc: https://linktr.ee/acamillo

When I stumbled upon a blog post about OpenAI enabled Sentinel automation, I knew I was looking at potential. Not too long after, Another post revealed TI Mindmap - a cloud service for GPT enabled Threat Intelligence "digestion" if you will, and both created by Antonio Formato - an Italy-based Security Technical Specialist at Microsoft. I reached out to hear from him about the creation of these and more tools by him - turns out he's a very prolific and cyber security community supporter! His TI Mindmap rely on a research I covered last time, with Thomas Roccia, to prove the community builds on itself and the open source approach garners amazing results for everyone! Shout out to Thomas, once again. Amazing work Antonio! And thanks for the chat! You can findhis blog here: https://medium.com/@antonio.formato And TI mindmap here: https://ti-mindmap-gpt.streamlit.app/ Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Thomas Roccia is a Snr Cyber Security Researcher at Microsoft, a Book writer, tool creator for the Cyber Security Community, and a speaker at SANS summit and much more. In the Second part of this 2 part series I talk to him about his work and research on YARA Toolkit - an outcome from 100 days of YARA Challange. Among the cyber security community , open source tools are just imperative for effective work. And this here is something you must have your eyes on - if you're an Analyst / Engineer / Responder and even Forensic investigator - because YARA is one of those tools for these roles! This toolk greatly simplifies how you create and use YARA Rule, this is the YARA Toolkit, by Thomas Roccia. Details about the Yara Toolkit: https://blog.securitybreak.io/introducing-yara-toolkit-43dcab9caba1 The tool currently includes: 1. YARA Rule Generator 2. YARA Scanner 3. YARA Arsenal . Strings Mutation . ImpHash . Opcode Rule Gen . Strings Ranking Extraction and more. Read about the tool's capabilities here: https://blog.securitybreak.io/introducing-yara-toolkit-43dcab9caba1 Access it here: https://yaratoolkit.securitybreak.io/ And the awesome BYOK GPT enabled engined for YARA rules: DocYARA https://yaratoolkit.securitybreak.io/Ask_DocYara Check out his SANS CTI summit participation talking about this subject alongside Cyb3rwardog - Roberto Rodriguez, here: https://www.youtube.com/watch?v=9PpfYaAxFq4&t Check out his book here: https://store.securitybreak.io/threatintel His blog here: https://blog.securitybreak.io/ Twitter: https://twitter.com/fr0gger_ Follow him here: https://www.linkedin.com/in/thomas-roccia/ Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Thomas Roccia is a Snr Cyber Security Researcher at Microsoft, a Book writer, tool creator for the Cyber Security Community, and a speaker at SANS summit and much more. In the first part of this 2 part series I talk to him about his research on how to Apply LLM and AI to automate some Theat Intelligence gathering / review processes. Check out his SANS CTI summit participation talking about this subject alongside Cyb3rwardog - Roberto Rodriguez, here: https://www.youtube.com/watch?v=9PpfYaAxFq4&t Check out his book here: https://store.securitybreak.io/threatintel His blog here: https://blog.securitybreak.io/ Twitter: https://twitter.com/fr0gger_ Follow him here: https://www.linkedin.com/in/thomas-roccia/ Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

From Psychology to Cybersecurity: A Trailblazer's Tale 🛡️ In this part 2 of my conversation with Hilary Walton, we discuss her remarkable journey of overcoming challenges and setting new benchmarks in the tech and cyber industry. 🌐 Including how Hilary transitioned from the female-dominated domain of Psychology to stand her ground in the male-dominated fields of tech and cybersecurity. This video explores the unique challenges she faced, the impostor syndrome that crept in, and how she conquered these feelings to earn her place at the table with confidence. Half-way through she shares bits of wisdom on how to pursue goals with determination, building up relevant skills, and never losing sight of what you aim to achieve. Learn how mentors like Suzy Whiles and Hellen Clark played a pivotal role in her journey, offering insights that are not just valuable but also serve as a pro tip for anyone looking to grow in their field. And I couldn't help asking about her philosophy of Work and her focus on fostering a positive digital culture. From the origins of digital culture to the innovative methodology of "working out loud" as championed by John Stepper, this video unveils how using a network and being transparent about one's journey can pave the way for success, something I've been unknowingly doing for the past few years... She also shared how platforms like Social Media, YouTube, and Podcasts are not just tools for networking but pivotal in transparently sharing your journey, learning, and contributing to the digital community. Check out Hilary's projects including her Digital ideas whatsapp group: https://chat.whatsapp.com/LULdX7yAtPy37vLFiteXqW https://www.youtube.com/@UC4dwoi3AqnpBmiaWvkac76w Check out my other projects and follow me on Linkedin / Spotify / etc: https://linktr.ee/acamillo

In this Cyber Chat, I speak to Hilary Walton - She'll explain how she transitioned from the world of Psychology to a leading figure in Cyber Security as a CISO and now at Microsoft as a Technology Strategist/vCTO. Starting her journey in the Psychology unit of the defense force, Hilary took a leap across the pond to London where her adventure in Cyber Security began within the elite MI5's Behavioral Science Unit focusing on Security Culture. 🕵️‍♀️ Exploring various dimensions of cyber security, from the tangible aspects of physical security to the intricate layers of Information Security and beyond. One of the Highlights you'll hear about is her experience leading the charge on security for the monumental 2012 Olympic Games 🏆, implementing robust security policies and ensuring the games were safe and secure. Plus, running a SOC in the games! Well, in fact, ever wondered what it's like to work in the adrenaline-pumping early versions of a SOC, then known as "Protect and Monitor"? Hilary's been there, diving into "bibles" of playbooks at a moment's notice to tackle threats! Get ready to be inspired by Hilary's incredible journey from deciphering human behavior to mastering the art of cyber security! This is Part 1 one my conversation with her. Check out Hilary's projects including her Digital ideas whatsapp group: https://chat.whatsapp.com/LULdX7yAtPy37vLFiteXqW https://www.youtube.com/@UC4dwoi3AqnpBmiaWvkac76w Check out my other projects and follow me on Linkedin / Spotify / etc: https://linktr.ee/acamillo

Copilot for security is among us and a slew of capabilities have been added to Defender XDR.

I demo some of them in my demonstration tenant in the video.

Additional news include:

Microsoft named leader in Managed Detection and Response by Frost and Sullivan: https://www.microsoft.com/en-us/security/blog/2024/03/25/frost-sullivan-names-microsoft-a-leader-in-the-frost-radar-managed-detection-and-response-2024/

Defender for Endpoint improvements for MacOS and Offline Linux deployments!

Defender for Cloud Apps' role permissions have been updated.

Defender for Identity health checks via API

And more...

Here's the source and more articles/details:

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-april-2024/ba-p/4104169

Follow me in other channels too: https://linktr.ee/acamillo

Thanks for tuning in and leave a comment to ohelp with the Algo!

When developing and using Generative AI solutions, as a Security professional, you will need to understand what are the threats that the technology might be exposed to.

Understanding attack surface is key to our jobs , of course.

Let's discuss this.

This is just a start to think about this subject but keen to hear your thoughts about it.

Learn more about this here: https://learn.microsoft.com/en-us/training/modules/responsible-generative-ai/5-mitigate-harms

Let me know in the comments your thoughts about it!

Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Copilot for security has launched today (April 1st, 2024) and after much industry antecipation it's finally Generally Available. In this video I cover how to get started with Copilot for security and important things you must know to navigate its UI, and get started with Promptbooks and plugin integrations. Here everything I goo through in the video: 1. Setup 2. Access Management 3. Standalone Experience Walkthrough 4. Prompting Experience & Best Practices 5. Embedded Experience Walkthrough 6. Testing and validating Intune integration 7. Validating Sessions 8. Deleting the Provisioned Security Compute Unit And here's what I need to do in follow up videos: 1. Discuss Copilot KQL capabilities in Standalone and Embedded 2. Showcase Analysis capabilities 3. Create executive summaries from Standalone Experience 4. More... Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Hey, there's a lot of different copilots flying out there recently (😏) but do you know their main difference? To some it's pretty obvious, but to some people, understanding the core mechanics behind the most popular ones can be life-changing in setting the expecations right. Let me know in the comments your thoughts about it! Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Let's take a look at MDC's portal and the main features included in Defender CSPM. And how to make sure you're using to its best value with workbooks. This is a continuation of my CNAPP video series, watch the other videos here: https://youtu.be/4CZiOzm8EHI If you want to learn more about Defender for Servers, check out my blog: https://medium.com/microsoftazure/microsoft-defender-endpoint-microsoft-defender-for-cloud-for-servers-53c95d8c8d92 And follow me onlinkedin, podcast, etc... https://linktr.ee/acamillo

Microsoft held its "Secure" event in march 2024 and unveiled a lot of good info on Copilot for Security availability.

Find the summary of the announcements here: https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/microsoft-copilot-for-security-general-availability-details/ba-p/4079970

This is What is Copilot for Security:

https://learn.microsoft.com/en-us/security-copilot/microsoft-security-copilot

These are the partners working with Microsoft to help shape Copilot for security in the private preview:

https://securitypartners.transform.microsoft.com/copilot-private-preview-partners?culture=en-us&country=us

An even more detailed look at how it works:

https://www.youtube.com/watch?v=0lg_derTkaM

I will definitely cover it in more details when it's out, so like / subscribe comment to support the channel! 😉💕

Let me know in the comments your thoughts about it!

Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Here are some of the highlihgts of the Defender XDR updates: Defender XDR Custom detections: https://learn.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-beta&preserve-view=true#custom-detections Defender for Identity alert threshold: https://learn.microsoft.com/en-us/defender-for-identity/advanced-settings Defender for identity Operationsl guides: https://learn.microsoft.com/en-us/defender-for-identity/ops-guide/ops-guide Defender for Office updates to Config Analzyer: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/updates-to-configuration-analyzer-in-microsoft-defender-for/ba-p/4043087 Defender Vulnerability Management Ninja Training: https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/become-a-microsoft-defender-vulnerability-management-ninja/ba-p/4003011 Here's the source and more articles/details: https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-march-2024/ba-p/4075876 Follow me in other channels too: https://linktr.ee/acamillo Thanks for tuning in and leave a comment to ohelp with the Algo!

This time around I had a chat with a Security Specialist at Microsoft who's been in the industry for decades with experience in the air force!

Dave Caddick has had great conversations with customers over the past few years and has consolidated all his knowledge into a open source project in Github, it's the "Get Security Done" (GSD) tool!

You can find the tool here:https://aka.ms/gsdHe explained to me his thinking behind the current version, the importance of protecting your Identities first with MDI, including some eye opening examples.

You'll also learn how to contribute via Github and have your name displayed as a contributor to the tool!Awesome work Dave!Let us know in the comments your thoughts about it!

Like, Subscribe and Follow for more: https://linktr.ee/acamillo

Are you ready to supercharge your cybersecurity infrastructure? In this video, we're diving deep into the process of preparing your Microsoft Defender for Cloud to seamlessly integrate with CNAPP (Cloud Native Application Protection Platform). 💪🛡️ 🔹 How MDC implements CNAPP and why is it crucial for modern cybersecurity? 🔹 Step-by-step guide to configuring Microsoft Defender for Cloud plans for CNAPP features. This is a continuation of my CNAPP video series, watch the other videos here: If you want to learn more about Defender for Servers, check out my blog: https://medium.com/microsoftazure/microsoft-defender-endpoint-microsoft-defender-for-cloud-for-servers-53c95d8c8d92 And follow me onlinkedin, podcast, etc... https://linktr.ee/acamillo

SPOILER ALERT: Using diagram as code, with Mermaid.live, my favorite way to diagram (and prob your new favorite one too). Check out the updated version of the Timeline of technologies created by Humans in my github: https://github.com/amcamillo/DnD-DecksnDiagrams/blob/main/Extra/Technology/Timeline%20of%20technologies%20developed%20by%20humans.png Leave a like, sub and all the shananigas to help out! Follow me everywhere else: https://linktr.ee/acamillo This is available in spotify and my podcast: Cloudnsec learning Podcast.

In this episode I talk to a Microsoft Partner, Defend NZ Ltd, about their recently realeased Content Hub Solution for Atlassian security alerts.

Thank you to Debac for joining me and explaining the solution to the wider community. You can find the solution under Sentinel's Content Hub section.

Microsoft announced Deception rules as part of Defender for Endpoint Plan 2 at ignite 23. Here's why Deceptive technologies are important for your cyber security program according to NIST and how it currently works in preview for Defender XDR. Announcement: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/ignite-news-augment-your-edr-with-deception-tactics-to-catch/ba-p/3982253 The blog post I mentioned from NIST's commentary on deceptive technologies: https://www.countercraftsec.com/blog/nist-documents-highlight-deception-technology/ Prerequisites to gain access to Deception Rules in Defender XDR, plus how to set it up: https://learn.microsoft.com/en-us/microsoft-365/security/defender/deception-overview?view=o365-worldwide Leave a like and subscribe. And follow other stuff at: https://linktr.ee/acamillo

February news in the Microsoft Defender XDR stack include: - Exciting new ways to manage incidents - New ways to interact with Microsoft Defender Experts - New section in Microsoft Defender Vulnerability Management for Vulnerable components! - Extension to Active Directory Group info in Defender XDR timeline and a lot more! Here's the source and more articles/details: https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-february-2024/ba-p/4046948 Follow me in other channels too: https://linktr.ee/acamillo Thanks for tuning in and leave a comment to ohelp with the Algo!

Passing CISSP is no easy feat, in my case, it took me 5+ years of sandbagging and a lot of hours of study to get through it. In this video I share how I passed it and the material I've used, straightforward, some of my numbers: - 100+ hours of study in the last few months alone and - 800+ Practice questions reviewed. - 10+ people in the study group - ~120 questions to pass the exam '+++++++++++++++ Study Plan / Guide: https://github.com/amcamillo/Certifications/blob/main/CISSP/CISSP%20Study%20Plan%20Template.pdf

If you're writing code ocasionally like I do, you should have your stuff double checked before using and before sharing it. This is why I created the "Code Checker" GPT, available here for GPT plus subscribers: https://chat.openai.com/g/g-GG2BbPFGS-code-checker SDLC ensures efficient, error-free software creation, guiding development from planning to deployment, boosting quality and user satisfaction and helps avoid these threats: Security Vulnerabilities Poor Quality Software Cost Overruns and Delays Lack of User Satisfaction Compliance Issues Maintenance Challenges Give it a go and let me know. Follow me in other social media: https://linktr.ee/acamillo. Like, dislike, comment and subscribe to help with the algo!

CNAPP is a major theme amongst Cloud and Cyber security teams - a bridge, that leads to a pot of happiness, if you like silly analogies.

Sources:

1.https://www.paloaltonetworks.com/blog/prisma-cloud/get-to-know-cloud-native-application-protection-platforms/

2. https://www.microsoft.com/en-us/security/business/security-101/what-is-cnapp

3. https://vikeso.medium.com/cnapp-deconstructe-4860ad385f46

4. Unpublished post at my blog: https://medium.com/@andrecamillo

5. https://www.microsoft.com/en-us/security/business/security-101/what-is-cnapp

6. Solutions in this market: https://www.gartner.com/reviews/market/cloud-native-application-protection-platforms

7. the Deck I used: https://github.com/amcamillo/DnD-DecksnDiagrams/blob/main/IndustrySolutions/CNAPP-101.pdf

Leave a like and subscribe.And follow other stuff at: https://linktr.ee/acamillo

In this video, I will cover Microsoft Defender XDR January Updates. Here are some of the highlights: Higlights include: - Defender Boxed, a personalized SOC summary service, - unified RBAC model, improved incident queue and assignment, - ITDR dashboard - Defender IoT updates Source and more details: https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-january-2024/ba-p/4025630

Microsoft AI-900: Azure AI fundamentals is a foundational exam for people studying and starting to work with AI, especially within Azure. In this video I go over some great content to help you prepare for the exam, these are free assessment questions for you to get acquainted to the kind of questions you can expect in the exam. You can find the assessment here: https://learn.microsoft.com/en-us/credentials/certifications/practice-assessments-for-microsoft-certifications If you like this, make sure to like and subscribe. ----------------------------------------------------------------------------------------------------------------------- Other content you should review before the exam: John Savill: https://www.youtube.com/watch?v=E9aarWMLJw0 Susanth Suthesh: https://www.youtube.com/watch?v=TOZZ0iWdrO0

The year that ended left along list of cyber attacks that plagued businesses, BAU, unfortunately. So, Using Google Trends and my own monthly reporting from last year, I thought of compiling the top stories that made the headlines in 2023. Amongst the affected we had MGM resorts, DP world Australia and Suncor Energy. Have a look at my content and follow me on Medium / Youtube / Instagram / etc: https://linktr.ee/acamillo

Protecting your Infrastructure with Zero Trust Approach will invariably require a modern way to authenticate not just your users — but your largest and liekly most at risk piece of the environment: your Applications and Scripts’ authentication.

Modern Identity Providers will often allow customers to authenticate these accounts using specific controls and conditions. 

In Microsoft’s terminology, we call it: Conditional Access. In this episodr I’ll dive into how to use CA to these infrasturcture components.

Every month Microsoft releases a newsletter with Defender 365 updates. Here's my highlights for this month edition. Make sure to find the official and all other updates in the official page here https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-december-2023/ba-p/3998431 Subscribe for more! & Follow me: https://linktr.ee/acamillo

Strategic Cyber Security Report November 2023Public information you should be aware of related to Cybersecurity.

All sources and more in the written report:

https://andrecamillo.medium.com/strategic-cyber-security-report-november-2023-edition-64a243c8f5d8

Every month Microsoft releases a newsletter with Defender 365 updates.Here's my highlights for this month edition.Make sure to find the official and all other updates in the official page here

https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/monthly-news-november-2023/ba-p/3970796

Subscribe for more! & Follow me: https://linktr.ee/acamillo