Modern Device Management

  Microsoft Defender XDR (Rebranded and formerly known as Microsoft 365 Defender) has many features and as part of Advanced hunting under incident & response, Custom detections is a great way to create rules to monitor events and system states proactively, including suspected breach activity and misconfigured endpoints. One can then enable & configure response actions using various device & identity attributes and set them to run at regular intervals, generating alerts. Custom detections uses Advanced hunting which is based on the Kusto Query Language (KQL) which is a powerful tool that uses schema entities organized in a hierarchy similar to SQL. The language is expressive, easy to read and understand. To manage custom detections, you need to be assigned one of these roles permissions at a minimum: - Security settings - Security administrator - Security operator To understand Custom detections better, I wanted to explore the possibility of initiating a response action on

  I have finally jumped on the Copilot bandwagon and started familiarizing myself with the feature. For those who are unware or getting to know it like me, then it is Microsoft's latest AI-powered productivity tool that uses large language models (LLMs) and integrates data with the Microsoft Graph and Microsoft 365 apps and services. I don't intend to do a deep dive into what Copilot is as there is plenty of material available online for that, but I will like touch base on commercial data protection and what organizations can do to manage Copilot on mobile devices using Intune. According to Microsoft , To provide chat responses, Copilot uses global data centers for processing and may process data in the United States. Optional, Bing-backed connected experiences don't fall under Microsoft's EU Data Boundary (EUDB) commitment.  They also don't fall under the terms of the Data Protection Addendum (DPA) which requires company data to remain inside geographic or tenant b