homepage
Open menu
Talk with an expert
Podcast image

Mark Morowczynski & Thomas Detzner: Microsoft Incident Response Playbooks | 22

Blueprint • 2021-06-01

We all need solid, well though-out playbooks to help standardize our respons to common threat scenarios. In this episode we speak with Thomas Detzner and Mark Morowczynski about the brand new set of Microsoft incident response playbooks that were just released. This is a brand new effort to meticulously document prerequisites, investigation steps, and remediation process for common scenarios most commonly seen by the Microsoft incident response teams, and you definitely won't want to miss it.

Resources mentioned in this episode:

Listen on YouTube PodcastsListen on SpotifyListen on Apple Podcasts

Sponsor's Note:

Support for the Blueprint podcast comes from the SANS Institute.

If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.

This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.

Check out the details at sansurl.com/450! Hope to see you in class!
Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube
Follow John Hubbard: Twitter | LinkedIn

Our Guests: Thomas Detzner and Mark Morowczynski

Thomas Detzner is a Project Leader for Microsoft, creating guidance for Azure AD IR.

Mark Morowczynski (@markmorow) is a Principal Program Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. He can be frequently found on Twitter as @markmorow arguing about baseball and making sometimes funny gifs.

Related Content

Blog
Security Awareness, Artificial Intelligence (AI), Digital Forensics, Incident Response & Threat Hunting, Cloud Security, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Industrial Control Systems Security, Open-Source Intelligence (OSINT)
Top SANS Summit Talks of 2024
This year, SANS hosted 13 Summits from OSINT, ICS, Ransomware, DFIR to HackFest. Here were the top-rated talks of the year.
370x370-person-placeholder.png
Alison Kim
read more
Blog
Coolest Careers Poster
Cyber Defense
SANSがおすすめするサイバーセキュリティの仕事20選: 最高情報セキュリティ責任者(CISO)
最高情報セキュリティ責任者(CISO)の主な業務や、スキルアップのためのSANSのおすすめのコースを紹介します!
SANS_social_88x82.jpg
SANS Institute
read more
Blog
Cyber Defense
5 Advantages of Taking Your Next Blue Team Course via SANS OnDemand
There’s a lot going on in the world right now, but one thing that many experts seem to agree on is that now is the time for the cybersecurity community to be vigilant. Attacks are on the rise and it’s never been more important to keep your skills sharp and ready to defend.If you’re a cyber defender...
Stephen Hart
read more