Detecting Microsoft 365 Privilege Escalation Techniques w/ Purav Desai ~ Detection Opportunites EP 5 | allinfosecnews.com

June 20, 2024, noon | CYBERWOX

CYBERWOX www.youtube.com

Learn how to decipher the Microsoft Unified Audit Log (UAL) from a Digital Forensics & Incident Response (DFIR) perspective with Purav Desai, an experienced M365/Azure Incident Responder.

Purav's LinkedIn: https://www.linkedin.com/in/purav-da346393/
Deciphering UAL: https://github.com/PuravsPoint/DecipheringUAL

TIMESTAMPS:
00:00 Intro
00:20 Deciphering New-RoleGroup
09:06 Key Fields
10:11 Deciphering with Exchange OnlinePowershell
13:42 Detection Opportunities
16:16 SIEM & Attacker Tactics
21:43 Outro

_____________
⚙️ OTHER RESOURCES

🔹My Content Equipment, Book Recommendations & Desk Setup: https://www.amazon.com/shop/daycyberwox

_____________
⚡️JOIN CYBERWOX ACADEMY ON DISCORD!
https://discord.gg/cyberwoxacademy
_____________
📱 LET'S …

amp audit azure detection detection opportunities dfir digital digital forensics escalation exchange forensics incident incident responder incident response intro key learn log m365 microsoft microsoft 365 opportunities perspective privilege privilege escalation responder response siem techniques timestamps

More from www.youtube.com / CYBERWOX

Cybersecurity: What Does A Endpoint Security Engineer Do? #cybersecurity 1 day, 21 hours ago | www.youtube.com

academy affiliate cloud cloudcomputing +22

Cybersecurity Engineering Careers: Endpoint, SIEM, Threat Intelligence & Automation | Part 2 3 days, 23 hours ago | www.youtube.com

amp automation career careers +19

Detecting Microsoft 365 Privilege Escalation Techniques w/ Purav Desai ~ Detection Opportunites EP 5 1 week ago | www.youtube.com

amp audit azure detection +26

DevSecOps - Container Security with ChainGuard 1 week, 3 days ago | www.youtube.com

access amp aws bash +27

Microsoft 365 Forensics & Incident Response w/ Purav Desai ~ Detection Opportunities EP 4 2 weeks ago | www.youtube.com

amp audit azure detection +20

Investigating Microsoft Defender Bypass with Splunk - TryHackMe New Hire Old Artifacts 2 weeks, 3 days ago | www.youtube.com

academy binary bypass communication +21

Olympic Athlete Turned Cloud Engineer w/ @REXTECH9 | CYBER STORIES EP 17 3 weeks, 3 days ago | www.youtube.com

academy career cloud cloud engineer +11

Cybersecurity Hiring Managers Share Secrets On Getting Hired #cybersecurity 3 weeks, 5 days ago | www.youtube.com

academy affiliate cloud cloudcomputing +21

SANS Cybersecurity Certifications: Do You Really Need Them? #cybersecurity #sans 3 weeks, 6 days ago | www.youtube.com

academy affiliate certifications cloud +19

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California

View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

View on infosec-jobs.com

Executive Head: CVM and Artificial Intelligence Enablement

@ Vodafone | Midrand, ZA

View on infosec-jobs.com

AWS SysOps Administrator

@ BridgePhase | San Antonio, TX

View on infosec-jobs.com

Major Accounts Executive - France (Public Sector)

@ Cyberark | Paris, France

View on infosec-jobs.com

Account Executive - Denmark

@ Cyberark | Copenhagen, Denmark

View on infosec-jobs.com