This week Raymond, Hasain and myself locked our self to the Microsoft Studios in Microsoft HQ (Redmond, Washington ) to record you free Cybersecurity training.
I promise you will learn a lot and enjoy it…
Coming soon
here is the details:
Every organization must prepare for the possibility of cybercrime within its networks or on its computer systems. Are you able to investigate crimes, like fraud, insider threats, industrial espionage, employee misuse, and computer intrusion? These days, every IT Pro should learn to recover key intelligence from Windows systems.
Learn how to do just that, from leading expert Erdal Ozkaya, and find out what you need to become a digital forensic professional, incident responder, and media exploitation expert, capable of piecing together Windows system events, second by second.
Erdal joins forces with Hasain “the Wolf” Alshakarti and Raymond Comvalius to show how cybercrime happens, what you can do to prevent it, and how to respond when it occurs.
1 | Windows Security and Forensics Take a look at the current state of the security landscape, Windows Security, and what “computer forensics” are.
2 | Windows Memory Attacks and Forensics Learn how and why hackers attack a system’s memory, and see how Memory Forensics can help address the problem.
3 | Windows Authentication Attacks and Forensics See demonstrations of how attackers use credential dependencies to gain elevated access to systems and to perform lateral movement. Plus, learn how to detect and prevent many of these attacks.
4 | Windows Forensics Explore Digital Forensics, and find out what to do as a first responder to preserve evidence for legal actions.
5 | Network Forensics Explore network forensics, along with case studies, best practices, and online analysis techniques.
6 | Malware Incident Response Learn about malware incident response, including identifying, locating, and removing malware.
Watch the Video’s in YouTube
For more Video Tutorials
CISO Insight
Having worked at Microsoft and held the MVP award since 2009, I have watched the Microsoft security ecosystem evolve from standalone antivirus into one of the most comprehensive security platforms available. For organisations invested in the Microsoft ecosystem, understanding how to leverage native capabilities is one of the highest-ROI security decisions a CISO can make.
The Microsoft Security Ecosystem: A CISO Perspective
Microsoft’s security portfolio has expanded dramatically. What began with Windows Defender now encompasses identity management (Entra ID), cloud security (Defender for Cloud), SIEM and SOAR (Sentinel), endpoint detection and response (Defender for Endpoint), email security (Defender for Office 365), and data loss prevention across the entire Microsoft 365 ecosystem. For organisations with significant Microsoft investments, this integrated approach provides visibility and control that would require multiple third-party vendors to replicate. The strategic advantage is integration — when identity, endpoint, email, and cloud security share a common data model, correlation and automated response become dramatically simpler.
Practical Considerations for Security Leaders
While the Microsoft security stack offers compelling integration benefits, CISOs should evaluate it rigorously. Key considerations include licensing complexity (security features are distributed across E3, E5, and add-ons), the need for Microsoft-skilled security personnel, potential vendor concentration risk, and coverage gaps for non-Microsoft platforms. The most effective approach for many enterprises is a Microsoft-first strategy supplemented by specialist tools where Microsoft capabilities are less mature. Independent evaluations like MITRE ATT&CK assessments provide objective benchmarks for comparison.
Frequently Asked Questions
Is the Microsoft security stack sufficient as a standalone solution?
For predominantly Microsoft environments with E5 licensing, the native stack covers most enterprise requirements. Organisations with significant non-Microsoft infrastructure or specialised compliance needs may benefit from supplementary solutions. Evaluate against your specific threat model rather than adopting a one-size-fits-all approach.
What Microsoft licence provides comprehensive security?
Microsoft 365 E5 provides the most comprehensive security feature set including Defender for Endpoint P2, Defender for Office 365 P2, Entra ID P2, and Sentinel entitlements. E3 includes basic features. Many organisations start with E3 and add specific security components based on risk priorities.
Related reading: Visit our Zero Trust Security Hub or download the CISO Toolkit.