As Cyberattacks are arising day-by-day, every organization needs to be secure enough to fight against them. Being pro-active is the recommended approach, so if you don’t log and monitor anything at all. Your organization will have blind spots, and that will make it incredible hard for both security & IR teams.
In this session, you will learn how to monitor each activity that occur within your organization in order to find out unusual user activities, sensitive info accesses, unwanted changes in configurations, privileged access assignments, etc.
Then you will understand how you could become a forensic investigator by surfing various Microsoft portals and collect the appropriate details to identify the start of the attack, the affected areas, and more.
To finish, you will see how Microsoft Security Copilot could help you to respond to threats faster.