Use Microsoft Endpoint Configuration Manager to Configure the Windows Print Spooler Service

Hello there, In my earlier post Use Microsoft Endpoint Configuration Manager to stop the Windows Print Spooler Service – Anything about IT (verboon.info) I explained how to stop the Print Spooler service using Microsoft Endpoint Configuration Manager leveraging CMPivot to Read More …

Preparing my Application Guard for Office test lab

Hello everyone, today I wanted to see application guard for office in action. If you are not familiar with application guard for office, I suggest you read the following articles / documentation. Microsoft Defender Application Guard for Office Application Guard Read More …

Managing Time Zone and Date formats in Microsoft Defender Security Center

When you receive security alerts or are investigating security related events , the aspect of time is important element. By default, date and time is displayed in Coordinated Universal Time (UTC) within the Microsoft Defender security center portal. In todays’ Read More …

Advance your Microsoft Defender ATP hunting skills using the Atomic execution framework

Hello everyone, during the past months I took a closer look at MITRE ATT&CK to advance my hunting skills using Microsoft Defender Advanced Threat Protection. For those not familiar with MITRE ATT&CK, in short, it is a knowledge base knowledge Read More …

Meet the new Microsoft Defender ATP evaluation lab

This week Hadar Feldmann, senior program manager and security researcher at Microsoft announced the public preview of the new Microsoft Defender ATP evaluation lab that now includes two attack simulation solutions from AttackIQ and SafeBreach. The term ‘evaluation’ might indicate Read More …