Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ryan Cox, Senior Security Operations Engineer at Revinate, joined Defender Fridays to discuss how to build detection and response processes that scale while maintaining their effectiveness as threats and infrastructure expand.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

This week, we discuss a phishing technique that uses a powerful and risky Microsoft 365 configuration setting. After that, we round up everything we know about the Marks & Spencer breach from April and the lessons that all MSPs can learn from it. After that, we quickly cover a new series of vulnerabilities in a popular Bluetooth chipset that could let attackers gain full control over your headphones.

Think building a SOC is out of reach? Think again. With MDR and AI working together, MSPs can now deliver 24/7 protection through what’s becoming an autonomous SOC – one that scales without increasing overhead or alert fatigue. This webinar will show how the modern SOC is already within reach, and how to start offering it. You’ll learn.

Looking for a fast, powerful, and easy way to get more control and performance out of Microsoft Defender? LimaCharlie has what you need. Chris Botelho, Senior Solutions Engineer at LimaCharlie, hosted a live walkthrough of our new MS Defender Endpoint Protection extension. Chris demonstrated how our SecOps Cloud Platform enhances MS Defender by providing: Defender Check: Instantly query Windows machines to verify the presence of an active Defender instance.

The Tanium Endpoint Management solution offers cross-platform lifecycle management from a single console, delivering visibility and control over endpoint assets both on-premises and in the cloud. The solution begins with provisioning new endpoints and continues through the lifecycle of patch management and third-party software deployments, performance monitoring, policy enforcement and issue investigations to give administrators the ability to see, control and remediate in real time.

Brian Carrier, CEO of Sleuth Kit Labs, joined Defender Fridays to discuss EDR, DFIR and Endpoint Triage. We explored how SOCs can effectively investigate endpoints after alerts to decide whether to wipe it or call an IR team. Brian covered leveraging EDR data and additional forensic artifacts for better Endpoint Triage, helping teams cut through the overwhelming amount of information to make informed response decisions.