The hottest Microsoft Substack posts right now

And their main takeaways
Rod’s Blog 436 implied HN points 08 Jan 24
  1. A promptbook in Microsoft Security Copilot is a set of prompts for specific security tasks, each needing specific inputs.
  2. Promptbooks like incident investigation can help create executive reports, while threat actor profile provides quick summaries about specific actors.
  3. To start using promptbooks in Security Copilot, go to the home screen, enter a "*" in the prompt bar, select a promptbook, fill required parameters, and run.
Teaching computers how to talk 52 implied HN points 07 Mar 24
  1. A Microsoft employee raised concerns about the AI image generator Copilot Designer posing public safety risks, but management did not take action.
  2. Despite known risks with Copilot Designer, Microsoft continues to market it without appropriate disclosures.
  3. Jones's revelations highlight the need for transparency in disclosing AI risks, especially when products are marketed to children.
Rod’s Blog 178 implied HN points 14 Dec 23
  1. To effectively use Microsoft Security Copilot in 2024, you should focus on developing skills in natural language processing, cybersecurity fundamentals, and familiarity with Microsoft security products.
  2. Learning through resources like Microsoft Learn, blogs, podcasts, online communities, tools, and events can enhance your understanding and usage of Microsoft Security Copilot.
  3. Microsoft Security Copilot leverages generative AI to aid security professionals in incident response, threat hunting, intelligence gathering, and posture management, requiring a blend of technical and non-technical skills.
Rod’s Blog 79 implied HN points 09 Nov 23
  1. Security teams face challenges like complexity of data, lack of skilled professionals, and speed of evolving cyberthreats.
  2. Security teams need a solution to simplify data and tasks, empower them with AI technology, and protect against cyberthreats effectively.
  3. Microsoft Security Copilot is an AI-powered solution that can help security teams manage security posture, respond to incidents, and generate security reports efficiently.
Rod’s Blog 99 implied HN points 17 Oct 23
  1. Microsoft Sentinel helps in detecting and mitigating brute-force attacks on VIP accounts, which are high-level privileged user accounts in organizations.
  2. Brute-force attacks involve trying multiple passwords to gain unauthorized access to accounts or systems, making VIP accounts attractive targets.
  3. Organizations can use Microsoft Sentinel to set thresholds for failed logon attempts, create custom detection rules, investigate alerts triggered by VIP accounts, and take necessary response actions.
Rod’s Blog 19 implied HN points 08 Feb 24
  1. Passwordless authentication aims to improve security by eliminating the need for traditional passwords and using methods like biometrics or hardware tokens instead.
  2. Going passwordless reduces the risk of password breaches and phishing attacks, making the login process faster and more convenient for users.
  3. Challenges of going passwordless include user trust in new technologies, compatibility issues, privacy concerns, and suitability for certain online services.
Rod’s Blog 19 implied HN points 07 Feb 24
  1. Microsoft AI is based on the principle of 'your data is your data', emphasizing that you own and control your personal data.
  2. Microsoft AI ensures data privacy by collecting and using data with consent, not selling data to third parties, and implementing strong security measures.
  3. Data privacy is crucial for AI as it builds trust, protects human rights and promotes innovation in the industry.
Rod’s Blog 19 implied HN points 06 Feb 24
  1. Microsoft Purview is a top industry solution for managing data estates, offering governance, protection, and management.
  2. The latest enhancements to Microsoft Purview and Microsoft Defender focus on securing data in the context of generative AI, providing visibility, protection, and compliance controls.
  3. Organizations can leverage Microsoft Purview and Microsoft Defender to securely adopt AI, ensuring data protection while harnessing AI's full potential.
Rod’s Blog 138 implied HN points 01 Aug 23
  1. AI security is crucial as AI becomes a prevalent and powerful technology affecting various aspects of our lives.
  2. Exploiting AI vulnerabilities can lead to severe real-world consequences, highlighting the importance of addressing AI security concerns proactively.
  3. Transparent and ethical AI systems, alongside secure coding practices and data protection, are essential in mitigating AI security risks.
Rod’s Blog 39 implied HN points 15 Dec 23
  1. Microsoft Ignite 2023 highlighted the importance of securing AI and using AI for security, with these topics being top of mind for many organizations and individuals.
  2. The Microsoft Security Copilot, still in its early adopter program, was a popular topic at the event, drawing significant interest and overflowing demos.
  3. Key demo areas for Microsoft Security Copilot at Ignite included lifecycle workflows, sign-in logs, identity access troubleshooting, and risky user summary.
Rod’s Blog 59 implied HN points 07 Nov 23
  1. For Microsoft Sentinel customers, a 31-day trial period is available by enabling Microsoft Sentinel on a Log Analytics workspace.
  2. To monitor the trial period, look under the 'News & Guides' blade and access the 'Free Trial' tab to see how many days are left.
  3. In the past, the 31-day trial could be enabled unlimited times on new workspaces, but now it's limited to 20 times per Azure subscription.
Rod’s Blog 218 implied HN points 05 Jan 23
  1. There's a significant interest in Microsoft security certifications, and there are excellent 'Ninja' training resources by Microsoft product teams available for those seeking certifications.
  2. The 'Ninja' trainings cover a range of Microsoft Defender products, Sentinel, compliance tools, and more, providing valuable knowledge and skills for professionals in the security domain.
  3. The term 'Ninja' in the trainings comes from the creator's daughter's cat, not necessarily the traditional ninja-samurai symbolism.
Rod’s Blog 59 implied HN points 30 Mar 23
  1. The Microsoft Defender Threat Intelligence solution requires careful setup, even though the process may seem straightforward at first.
  2. Proper RBAC (Role-Based Access Control) settings are crucial for successful configuration of the solution within Microsoft Sentinel.
  3. Follow a particular order of installation and configuration steps to ensure the Microsoft Defender Threat Intelligence Solution works smoothly.
Rod’s Blog 39 implied HN points 08 Jun 23
  1. The Defender for Cloud Learn Doc now has its own RSS feed, granting users the ability to get notified about updates easily.
  2. Despite this improvement, not all pages on learn.microsoft.com have RSS feeds yet, so users still have to monitor some sections manually.
  3. Other Microsoft pages also have their own RSS feeds, showing an effort to provide users with up-to-date information through various channels.
Marcus on AI 1 HN point 12 Mar 24
  1. The ROI for Generative AI might not be as expected, with reports of underwhelming outcomes for tools like Microsoft Copilot.
  2. There are signs of the hype around Generative AI being dialed back, as expectations are being tempered by industry experts and users.
  3. Despite the uncertainty in ROI, there are still massive investments in Generative AI, highlighting differing opinions on its potential benefits.
Year 2049 6 implied HN points 23 Dec 23
  1. 2023 brought a lot of exciting advancements in AI technology and applications.
  2. The development of Custom GPTs by OpenAI signaled a shift towards personalized AI models and a potential platform for various AI apps.
  3. Issues like the fake Google Gemini demo and Sam Altman's reinstatement drama at OpenAI showed the complexities and challenges of the AI industry.
Rod’s Blog 39 implied HN points 03 Apr 23
  1. Azure OpenAI supports the JSONL file type for customized modeling, which is like JSON but with data values on a single line.
  2. Tools like a PowerShell script and the OpenAI CLI tool can help in converting JSON to JSONL for different data formats like CSV, TSV, XLSX, and JSON.
  3. Deploy Azure OpenAI instances in US South Central for access to base model types crucial for customized models.
Rod’s Blog 1 HN point 04 Mar 24
  1. The Mad Libs game can be a fun and educational tool to practice parts of speech and create hilarious stories with friends.
  2. Proper prompting is crucial for AI systems to generate accurate and relevant responses, understand user intent, and enhance user experience.
  3. Learning how to prompt effectively, especially for security purposes, requires education and can be made fun using games like Mad Libs.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. You can use Logic App Parameters with Microsoft Sentinel Playbooks to create fill-in blanks like in ARM templates.
  2. Parameters in Logic App Designer can be used throughout the Logic App for customization.
  3. Utilizing custom, reserved variables like tenant ID and subscription ID ensures safety and allows deploying environments to input their values.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. You can query HaveIBeenPwned using a Microsoft Sentinel Playbook. This enables you to check if email addresses associated with an Incident have been compromised in data breaches.
  2. There is a fee of $3.50 per month to use the HaveIBeenPwned API, but you can pay for a single month to test its value.
  3. Ensure you obtain the API key before deploying the Playbook and make sure to properly connect accounts and input the API key in the designated field.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. Known options for viewing Microsoft Sentinel rules with MITRE tactics include the MITRE ATT&CK Workbook, the MITRE ATT&CK Blade, Threat Analysis & Response Solution, and the Sentinel REST API.
  2. A lesser-known trick is to view the list directly in Excel by accessing a .csv file on the Microsoft Sentinel GitHub repository and importing it into Excel.
  3. By following simple steps, you can leverage Microsoft Excel to analyze and manipulate the Microsoft Sentinel rules and MITRE tactics data.
Fight to Repair 39 implied HN points 16 May 22
  1. Efforts are being made to protect the medical right to repair by hospitals, repairers, and public health groups to ensure competition in the industry.
  2. Caterpillar is pioneering the practice of refurbishing old engines, thereby promoting sustainability, reducing costs, and boosting revenue from services.
  3. Microsoft's closure of physical stores has impacted its repairability efforts, showing the importance of accessible repair centers for customers to learn, seek help, and fix devices.
Machine Economy Press 2 implied HN points 11 Apr 23
  1. Microsoft has developed a new assistant called Security Copilot for cybersecurity professionals, powered by GPT-4 and designed to help identify breaches.
  2. The Security Copilot tool uses large language models and threat intelligence gathering to hunt down security threats based on daily collected signals.
  3. There is a global shortage of skilled security professionals, with Microsoft aiming to address this through continual learning from users and collaboration to combat sophisticated cyber threats.
Rod’s Blog 0 implied HN points 01 Mar 24
  1. Jon and Jordan faced a tense situation with the Night Princess's presence in their city, leading to a dramatic confrontation at a server farm.
  2. They used KQL commands to uncover the Night Princess's infiltration and implemented a countermeasure to isolate her.
  3. The unexpected reveal of their colleague Sarah as the Night Princess left them with a difficult choice of trusting her to strengthen security or exposing her and risking vulnerabilities.
Barn Lab 0 implied HN points 31 Jul 23
  1. You can download Windows for free from Microsoft and install it without a key, but a watermark may appear after some time.
  2. Legitimate options to remove the watermark include purchasing an activation key from Kinguin or transferring an old activation key from Windows 7 onwards.
  3. There are legal ways to activate Windows using HWID, KMS activation methods, or MAS Scripts available from massgrave.dev.
Rod’s Blog 0 implied HN points 12 Jan 23
  1. Basic Logs in Microsoft Sentinel is a preview feature that offers a cheaper way to ingest logs, but with some limitations.
  2. Currently, there are UI and code-based methods to identify tables configured as Basic Logs, with a new method on the way.
  3. A new feature in preview will introduce a Tables blade in the Log Analytics workspace to filter tables by plan, making it easier to distinguish Basic Logs configured tables.
Rod’s Blog 0 implied HN points 09 Jan 23
  1. Moving Microsoft Sentinel workspace to another resource group or subscription isn't supported currently. Check Azure Monitor Doc for guidance.
  2. Answers to common questions about workspace relocation can be found in the Azure Monitor documentation.
  3. The Azure Monitor Doc provides important considerations and guidelines regarding moving the Microsoft Sentinel workspace.