Monitoring Microsoft:

New detection strategies, tips and tricks for Azure, O365 + more

Join Expel’s top security operations center analysts for an afternoon full of tips and tricks on how to kick start or level up your detection strategy across the Microsoft security suite.

July 20, 2021 11AM – 3PM EDT

Anyone who performs detection and response in the cloud knows that figuring out how to get the right signal for analysts to efficiently do their job is … challenging. Microsoft provides lots of great security capabilities but there’s no “easy” button for figuring out what signals you should turn on and how to use that data. Join Expel’s top security operations center analysts and keynote speaker Mandana Javaheri from MSFT for an afternoon full of tips and tricks on how to kick start or level up your detection strategy across the Microsoft security suite.

Tuesday, July 20 11:00 AM EDT

Keynote: How MSFT thinks about security strategy

Learn about Microsoft’s strategic approach to security. Mandana Javaheri, Global Director, SCI Business Development at Microsoft, will talk about XDR – how to expedite detection & response and remediation – and the ways Expel and Microsoft work together to support our joint customers. You’ll walk away from this talk with a better understanding of modern approaches to security and how partners can help level-up detection capabilities.

Speaker:
Mandana Javaheri, Global Director, SCI Business Development, Microsoft

Tuesday, July 20 11:30 AM EDT

How to use Defender for Endpoint to investigate a ransomware incident

If you have Defender for Endpoint, you’ve got one of the best EDR tools on the market. But do you know all of the ways you can optimize it? Join us as we dive into some of our favorite things about Defender for Endpoint and share the tale of a real ransomware incident we uncovered at Expel and how we used the capability baked into Defender for Endpoint to quickly identify the source of the compromise and remediate. This will also serve as a deep-dive into how we use the Expel Workbench™ to augment the capability of Defender for Endpoint and the automation we have built around the MS product suite.

Speaker:
Tyler Fornes, Global Response Manager, Expel

Tuesday, July 20 12:30 PM EDT

Detections in your cloud infrastructure

Hosting your infrastructure in the cloud comes with promises of reliability, scalability and cost efficiency. Securing this infrastructure, however, requires a special focus. It can be a real challenge to make sense of all of the sources of data and build out a detection strategy. In this talk, we’ll review what data sources and security services exist in Azure and lay out a mental model you can use to build your own detection strategy based on your unique risks.

Speaker:
Dan Whalen, Principal Detection & Response Engineer, Expel

Tuesday, July 20 1:00 PM EDT

How our customers with Microsoft tools detect and protect against attacks

Join us for a conversation with Joe Oney, Security Operations Manager at Hogan Lovells, to hear about how he and his team use Microsoft security tools to keep their org safe. He’ll share some tips and tricks on how to support your Microsoft stack and amplify alerts, along with some Microsoft-specific lessons learned.

Speakers:
Joe Oney, Security Operations Manager, Hogan Lovells
Pete Silberman, CTO, Expel

Tuesday, July 20 2:00 PM EDT

3 ways to detect BEC in O365

Phishing attacks are on the rise and BEC is still the number one tactic. In order to keep your org and its users safe, it’s important to understand the BEC attack life cycle and know where to look to spot evil – especially as these attacks continue to evolve. In this session you’ll find out what the BEC attack life cycle looks like, what signal is available in Microsoft Azure and O365 to detect a potential BEC attack and get three tips on how you can detect an attacker in your Exchange Online environment.

Speaker:
Anthony Randazzo, Manager, Detection & Response Engineering, Expel

Tuesday, July 20 2:30 PM EDT

Hunting in your Microsoft environments

Hunting can be a game changing strategy for your security posture. But how do you start building that strategy? Using a vulnerability-centric approach isn’t enough. Hunting techniques need to focus on a proactive approach as the threat landscape has evolved to new places – like the cloud. Learn how to develop hunts that are hypothesis-driven and use a threat-centric approach to identify areas in your environment that need improvement.

Speaker:
Bryan Geraldo, Senior Detection & Response Engineer, Expel

Keynote Speaker

Mandana Javaheri

Global Director, SCI Business Development, Microsoft

Speakers

Tyler Fornes

Global Response Manager, Expel

Bryan Geraldo

Senior Detection & Response Engineer, Expel

Joe Oney

Security Operations Manager, Hogan Lovells

Dan Whalen

Principal Detection & Response Engineer, Expel

Anthony Randazzo

Manager, Detection & Response Engineering, Expel

Pete Silberman

CTO, Expel

Need help today with your Microsoft alerts? Learn more about Expel for Microsoft at https://expel.io/solutions/microsoft-detection/