Speaking at Microsoft India Security Council

It was an honour speaking on the role of Generative AI in SOC among our esteemed CISO community. AMIT KR. DAS and I had the utmost pleasure hosting and engaging in an insightful discussion about the evolving landscape of security operations centers (SOCs) and their transformation through the integration of cyber technologies and AI.

It was truly enlightening to hear your invaluable insights, Anuj Tewari, on the most pressing challenges, best practices for establishing an optimal SOC, and effective threat detection and response procedures, followed by a panel discussion with Anuj Tewari, Manickam K, Rohit Jain and Ambarish Singh. Your expertise added immense value to the conversation, and I genuinely appreciate the opportunity to learn from you all.



Interview: Doing more with less in Cybersecurity

It was great chatting with Suparna from ISMG on various challenges faced by SOC teams today, how to better approach them to drive more efficiencies and to do more with less.

Read full article here https://www.databreachtoday.in/articles.php?art_id=20518



Presenting at CISO Conclave 2022

Looking forward to speaking at CISO Conclave 2022 on Proactive Threat Hunting. Hope to catch up again with some old friends and respected members of the community.



UBS Forums – CISO Round Table – SOC Modernization

SOC Modernization is the need of the hour. It was great participating in this important discussion with this esteemed panel.

Join us for our Exclusive Roundtable on “SOC Modernization” scheduled on Friday, 25th February 2022 from 03:00 PM to 04:00 PM IST



Global Webinar – Building a Modern SOC

Join me with CyberProof's Cyber Security Solutions Architect, Aman Malhotra, on February 1 and learn how to move from log collection to true threat detection and response with Microsoft Sentinel.



Join me at NASSCOM DSCI AISS 2021

Organizations, depending on where they are on the maturity curve of their cybersecurity journey, would be interested in solutions like EDR and XDR. These terms often create a lot of myths and confusion.

I am happy to return to AISS 2021 and to be speaking on this important topic. Hope to see you all.



Threat Hunting on SQL Server with Azure Sentinel

For years, Microsoft SQL Server has served as the backbone of critical applications for enterprises. Because of the critical data stored in SQL Server databases, it has always been a point of interest for internal and external adversaries and one of the primary targets for exploitation.

It is important to monitor all your SQL database instances and servers for any sign of threats.

Last week I posted a detailed blog post on Monitoring SQL Server with Azure Sentinel on the official Microsoft Azure Sentinel blog. The post talks about how to ingest logs from SQL Servers running on VMs, parse the logs into a readable format, and then run various hunting queries and create alerts.

You can read the detailed post here.

The parser and hunting queries are also uploaded to the Azure Sentinel GitHub repo.



Join me at Microsoft 360 Security Conclave

I’ll be speaking at Microsoft 360 Security Conclave on Integrated Cyber Threat Management later this week. We’ll talk about how modern cyber threats leverage the power of the cloud to launch multi-staged attacks and how having end-to-end visibility of the attack indicators across Identity, Endpoint, Apps and Infrastructure helps early detection and remediation.

If you are attending this event, please do stop by and say hi.

There are some other distinguished speakers lined up for you from Industry and Microsoft engineering.

See you there.

Iftekhar



Best Practices in configuring Office 365 Anti Phishing Policy

Office 365 Advanced Threat Protection adds an additional layer of protection against malicious URLs, malicious attachments and phishing campaigns.

In my previous posts we talked about these configurations. Please click on the hyperlinks below to see those posts.

1. Best practices in configuring Office 365 Safe Attachments

2. Best Practices in configuring Office 365 Safe Links.

Today we’ll take a look at the anti-phishing policies which can be configured in Office 365 for protection against:

  1. User Impersonation
  2. Domain Impersonation
  3. Domain Spoofing

User Impersonation: The User Impersonation configuration allows an organization to list its top executives, such as the CEO, CFO and Directors. Any email arriving with the exact same display name as one of these users will be quarantined or delivered to Junk, as per the configuration.

Domain Impersonation: The Domain Impersonation configuration protects against emails coming from typosquatted domains that look similar to yours. For example, if your organization's domain is Contoso.com, attackers may send emails after registering similar-looking domains like Cont0so.com, Contoso-inc.com etc.

Domain Spoofing: The Domain Spoofing configuration enforces domain authentication such as SPF, DKIM and DMARC to validate the origin of emails against the From address, and blocks, quarantines or junks those emails which fail authentication.
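To make the difference between the three categories concrete, here is an added example (not code from this post or the video, and not how Office 365 implements its checks) that classifies a raw message by its From and Authentication-Results headers. The organization domain, protected user, lookalike heuristics and sample messages are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed values for illustration; not from a real tenant.
ORG_DOMAIN = "contoso.com"
PROTECTED_USERS = {"jordan lee": "jordan.lee@contoso.com"}  # display name -> real address
DIGIT_LOOKALIKES = str.maketrans("0135", "oles")  # 0->o, 1->l, 3->e, 5->s

def edit_distance(a, b):  # Levenshtein distance, catches one-character typos
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_lookalike(domain):  # resembles ORG_DOMAIN but is neither it nor a subdomain
    labels = domain.split(".")
    if len(labels) < 2 or domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN):
        return False
    brand = ORG_DOMAIN.split(".")[0]
    label = labels[-2].translate(DIGIT_LOOKALIKES)  # simplification: no public-suffix list
    # Brand with a hyphenated affix (contoso-inc) or within one edit of the brand.
    return bool(re.fullmatch(rf"{brand}-\w+|\w+-{brand}", label)) or edit_distance(label, brand) <= 1

def classify(raw_message):  # returns the categories a raw message matches
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    addr, findings = addr.lower(), []
    domain = addr.rpartition("@")[2]
    real = PROTECTED_USERS.get(name.strip().lower())
    if real and addr != real:  # executive's display name, someone else's address
        findings.append("user_impersonation")
    if is_lookalike(domain):
        findings.append("domain_impersonation")
    # A missing DMARC verdict on our own domain is treated as a failure.
    dmarc = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", "").lower())
    if domain == ORG_DOMAIN and (dmarc is None or dmarc.group(1) != "pass"):
        findings.append("domain_spoofing")
    return findings

# Constructed sample messages (headers only).
SAMPLES = {
    "exec": 'From: "Jordan Lee" <jordan.lee@cont0so.com>\n\n',
    "affix": "From: Billing <billing@contoso-inc.com>\n\n",
    "spoof": "From: IT <it@contoso.com>\nAuthentication-Results: mx.example; dmarc=fail header.from=contoso.com\n\n",
    "legit": 'From: "Jordan Lee" <jordan.lee@contoso.com>\nAuthentication-Results: mx.example; dmarc=pass header.from=contoso.com\n\n',
}
```

The first sample trips two categories at once, which is why the policy lets you configure user and domain impersonation protection side by side.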

I have created this step-by-step video tutorial of the recommended configurations of Anti-Phishing Policies in Office 365 Advanced Threat Protection.

Hope you like the videos, please do subscribe to the channel to be updated with future tutorials.

Cheers



Speaking at ET CIO virtual event.

Will be speaking at ET CIO Virtual Event on Cybersecurity myth busters. Please join.