WELCOME TO CRONINITY

Defender XDR - Part 5f - Unified Console

Rolling Alerts into Incidents - XDR A key strength of Microsoft Defender is its ability to correlate disparate alerts from various detection sources into a single, cohesive incident view. This approach enables defenders to understand an attack or compromise holistically rather than managing fragmented alerts. Microsoft Defender XDR extends this capability by continuing to unify and correlate alerts from multiple security domains, identity, endpoint, email, and cloud applicatio

Microsoft SC200 Certification - Microsoft Copilot - Part 8

Microsoft Copilot Overview Microsoft has named its artificial intelligence (AI) product Copilot. Microsoft currently offers the following AI products. Microsoft Security Copilot is the AI product that is covered in the SC-200 exam. Copilot for Microsoft 365: This version is designed for businesses and integrates AI into Microsoft 365 apps like Word, Excel, PowerPoint, Outlook, and OneNote. Copilot for Sales: This version helps sales teams maximize effectiveness and close

Microsoft SC200 Certification - Microsoft Purview - Part 4

Microsoft Purview is a unified data protection and governance platform that combines legacy Microsoft security tools with new, advanced capabilities to help organizations safeguard their data. It provides a broad range of solutions, enabling multiple teams within an organization to collaborate effectively in achieving data protection, governance, and compliance. Why Microsoft Purview Stands Out Extensive Coverage – It integrates Data Governance, Data Loss Prevention (DLP), In

Microsoft SC200 Certification - Microsoft Endpoint & eXtended Detection Response (EDR/XDR) Part 2D - Microsoft Defender for Cloud Apps (MDCA)

Microsoft Defender for Cloud Apps (MDA) Microsoft Defender for Cloud Apps (MDA) primarily focuses on discovering and assessing the applications used within your environment. It includes a risk rating system that evaluates app risk levels, enabling you to establish policies that restrict or allow the use of specific applications. MDA also monitors for suspicious app behavior. For instance, consider an app like AZCopy, a Linux-based tool for transferring data from Azure. If an

Microsoft SC200 Certification - Microsoft Endpoint & eXtended Detection Response (EDR/XDR) Part 2C - Microsoft Defender for Office (MDO)

Microsoft Defender for Office 365 (MDO) Think of MDO as your email security gateway, constantly scanning emails to defend against phishing, malware, and spoofing attempts. Here's how it works: Analyzing Email Sources: Evaluates the origin of emails, checking against databases of known malicious senders and infrastructure. Verifying Sender Authenticity: Confirms whether the sender's identity, brand, and domain are legitimate. For external domains, spoof intelligence ensure

Microsoft SC200 Certification - Microsoft Endpoint & eXtended Detection Response (EDR/XDR) Part 2B - Microsoft Defender for Identity (MDI)

Microsoft Defender for Identity (MDI) Identity Protection: Understanding and Addressing Identity-Based Threats Identity protection focuses on identifying and mitigating weaknesses and threats related to identity systems. The adage "Identity is the new perimeter" may be overused, but it accurately highlights the reality of modern cybersecurity. Threat actors target identities because they grant access to systems and sensitive information. With the growing shift to cloud-based

Microsoft SC200 Certification - Security Operations Analyst - Part 1

Demystifying the Microsoft SC-200 Certification The Microsoft SC-200 certification is designed for cybersecurity analysts and engineers who work with Microsoft's security solutions. According to Microsoft, the SC-200 course teaches professionals how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud. Microsoft is a dominant player in the cybersecurity industry, offering a broad suite of security

Microsoft SC200 - Sentinel SIEM/SOAR Part 5b - Analytics & Automations

Sentinel Detections and Automations In the previous section, we explored Workspace Manager, Data Connectors, and Settings. This section dives deeper into Sentinel's detection and response capabilities, focusing on Analytics, Watchlists, and Automation. Configuration and settings for these features can also be found under the Sentinel Configuration section. Sentinel Analytics (Detection Rules) Analytics rules are the core of Sentinel’s threat detection engine. These rules run querie

Microsoft SC200 - Sentinel SIEM/SOAR Part 5a - Overview & Data Ingest

Microsoft Sentinel Overview SIEM, or Security Information and Event Management, is a security solution that helps organizations identify and respond to potential security threats by collecting, analyzing, and correlating security events and data from various sources. Sentinel is Microsoft's SIEM product. Comparable products to Sentinel include: Splunk, Elastic, CrowdStrike Falcon scale, Google SecOps, Cortex XSIAM. One of the things that is important for SIEMs to be successful is t

CONTACT

500 Terry Francois Street San Francisco, CA 94158

123-456-7890

©2021 by croninity. Proudly created with Wix.com
