Four MVPs introduced Microsoft content designed to help you learn about various aspects of security, including App Control, Advanced Hunting, and Zero Trust.
In this blog series dedicated to Microsoft's technical articles, we'll highlight our MVPs' favorite article along with their personal insights.
Violet Hansen, Microsoft Azure MVP, United Kingdom
Understand App Control for Business policy rules and file rules | Microsoft Learn
“This is by far the most visited page for me. I've referred to it countless times to learn about Application Control, formerly known as WDAC. It has so much valuable information that people in cyber security should thoroughly study.”
*Relevant Blog: I have so much content related to Application Control and that page in particular. This is one of the important ones: Introduction · HotCakeX/Harden-Windows-Security Wiki. If you scroll down you will see links to other related pages.
Michail Michalos, Security MVP, Greece
Enrich your advanced hunting experience using network layer signals from Zeek
“Bringing Zeek-based events into Microsoft Defender for Endpoint has been a considerable breakthrough for empowering threat hunting and detection engineering. This blog has helped immensely to better understand our environment's network activity and build baselines to avoid false positives in our detections, but most importantly it allowed us to hunt for malicious HTTP, SSL and DNS connections, not that ICMP and SSH go unnoticed.
The depth of information available in Advanced Hunting allows deep flexibility, and given the potential of KQL throughout the XDR spectrum, one can only imagine what could be a potential malicious activity and just translate it into a query.
I keep this article in my bookmarks as a reference for its detailed write-up and the examples provided.”
*Relevant Activity: Following is an Advanced Hunting query I built as soon as SSL inspection was announced.
Anuradha Samaranayake, Microsoft Azure MVP, United Arab Emirates
How do I apply Zero Trust principles to Azure IaaS? | Microsoft Learn
"This Microsoft Learning Documentation provides a comprehensive and practical guide to applying Zero Trust principles to Azure IaaS components. It offers valuable insights into transforming your cloud infrastructure by following a security-first mindset. By addressing core principles like verifying explicitly, using the least privileged access, and assuming breach, the content empowers readers to rethink their security strategy effectively.
The series focuses on real-world business scenarios, making it highly relevant for IT professionals and organizations aiming to strengthen their Azure environments. By breaking the implementation into manageable units, including Azure storage, virtual machines, and network architecture, it simplifies complex concepts into actionable steps.
With Zero Trust being an essential security framework in today's threat landscape, this content is an excellent resource for anyone looking to enhance their cloud security posture, adopt modern security principles, and drive organizational resilience."
*Relevant Blog: Applying Zero Trust Principles to Azure IaaS Security - Cloud Diary
Jurgen Allewijn, Microsoft Azure MVP, Netherlands
Introduction to Zero Trust - Training | Microsoft Learn
“I like the way that this learn module is set up in introducing Zero Trust based on the six main pillars. It gives a good insight into what has to be done to implement Zero Trust and at what level.”
*Relevant Blog: Zero Trust in the Cloud. A Simple Path to Securing Cloud… | by Jurgen Allewijn | Medium
Published Feb 21, 2025
Version 1.0
RieMoriguchi, Microsoft
Microsoft MVP Program Blog