Threat Vector: Publicly Available Information
Information Posted Online Can Be a Stepping Stone for a Breach. As part of our commitment to staying on the forefront of cybersecurity, CyberMSI will be writing a series of threat vector blogs, starting with publicly available information. Posting too much information about your organization on the internet and social media can provide malicious actors […]
Common Causes for Ransomware Attacks
Learn from Past Incidents to Prepare for Future Ones. Ransomware has been a hot topic in the cybersecurity community for a while because it seems like everyone is getting hit. There are also massive consequences for getting hit, especially for industries that cannot afford to have operations interrupted for long. In this blog, we will […]
Custom Monitoring with Microsoft Sentinel Watchlists
Import Custom Data from Functionally Anywhere. Microsoft Sentinel users were recently given the option to insert their own data into Sentinel using Watchlists. This has opened a world of possibilities for security analysts and admins alike because they can include data that they have gathered from functionally any area they can think of to improve […]
CISA Incident Preparedness in Microsoft Sentinel
Make adjustments to your cloud environment to enhance your incident readiness. Cybersecurity and Infrastructure Security Agency (CISA) is a US government organization that is dedicated to making sure that the nation’s cybersecurity is as strong as it practically can be. CISA routinely produces cybersecurity recommendations that organizations can use to enhance their security and incident […]
How to Share Sentinel Features on GitHub
Share your Microsoft security ideas with the community. In Microsoft Sentinel, the features that are used to help with incident management can be customized so that they can be used for any situation that an analyst can think of. The customizability of the Microsoft Sentinel features has resulted in 1,000s of uploads to GitHub from […]
What is Happening in the Microsoft 365 Security Menu Consolidation?
Investigate multi-staged incidents in 1 menu instead of 3. Microsoft recently announced their intentions to consolidate some of their cloud security products and that they have already started the process. Some of the most obvious changes are already apparent like the new navigation options added to the Microsoft 365 Security menu, but what else will […]
Why Work at CyberMSI?
Develop your skills on an exciting new frontier. If you or someone you know is looking to get into cybersecurity as a career, CyberMSI is constantly expanding their team of cybersecurity professionals. We are trying to attract professionals with the most drive and potential, which is why we are putting extra effort into making sure […]
Minimum Permissions Needed for a Microsoft Cloud Security Analyst
Investigate Incidents Effectively with Principal of Least Privilege. Microsoft’s system of assigning permissions is a frequent source of confusion for security administrators that are trying to keep the level of permissions they are giving out to a minimum. Someone will walk into their office saying “I need security reader” not knowing that there are several […]
Deploy Microsoft Sentinel Analytic Rules from 3rd Party Sources
Deploy analytic rules from sources all over the web. The cybersecurity community is constantly developing and sharing analytics that can be used to detect potentially malicious activity. Cybersecurity analysts working with Microsoft Sentinel can take these shared analytics and turn them into analytic rules. The only issue is that there is not a clear set […]