April 22, 2026
In this article Attack chain overview Activities in pre-recruitment phase Activities in recruiting phase Activities in post-recruitment phase Mitigation and protection guidance Microsoft Defender XDR detections […]
- Filter by
- Categories
- Tags
- Authors
- Show all
- All
- Azure App Service
- Azure Architecture
- Azure Updates
- Command Line
- Community
- Microsoft Security
- Tech Community
- All
- .NET
- A2A
- acns
- Active Directory
- Add tools to copilot instructions in copilot studio
- Add tools to instructions copilot studio
- Advanced container networking service
- Adversary-in-the-middle (AiTM)
- Agent Builder
- Agent Builder and Copilot Studio and Foundry explained
- Agent Builder vs Copilot Studio vs Microsoft Foundry
- agent builder vs Microsoft Foundry
- Agent ID
- Agent Package Manager
- agent service
- Agent Skills
- Agentic
- Agentic AI
- Agentic Workflows
- Agents
- agentskills
- AI
- AI + Machine Learning
- ai adoption
- ai agent
- AI Engineering
- ai gateway
- ai guidance
- AI Security
- AI-assisted coding
- AI-assisted development
- AI-Assisted Engineering
- AI-powered automation
- AIOps
- Air-gapped
- AKS
- ALDO
- ALZ
- analytics
- Android
- anycast
- api
- API Management
- API Management (APIM)
- apim
- APIs
- APM
- App
- App Configuration
- app gateway
- app service
- Application Gateway
- Application Landing Zones
- Arc
- Arc Onboarding
- architecture
- architecture diagrams
- Architecture Review
- arm
- Artificial Intelligence
- ASP.NET Core
- aspire
- aspnetcore
- Astro
- attributes
- Audio Notes
- auth0
- automation
- Autonomous agent
- Availability
- Availability Sets
- Availability Zones
- AVD
- avnm
- aws
- AZ-900
- AzAPI
- Azure
- Azure Active Directory
- azure advisor
- Azure AI
- Azure AI Document Intelligence
- Azure AI Foundry
- Azure AI Landing Zones
- Azure AI Language
- Azure AI Search
- Azure API Management
- Azure APIM
- Azure APIM policy configuration
- azure architecture
- Azure Backup
- Azure Bastion
- Azure Bicep
- Azure Bicep Snapshots
- Azure Blob Storage
- Azure CLI
- Azure Cloud
- Azure Cloud Adoption Framework
- Azure Communication Services
- Azure Compute Fleet
- Azure confidential ledger
- Azure Container Apps
- Azure Container Instances
- Azure Container Registry
- Azure Container Storage
- Azure Cosmos DB
- Azure Data Box
- Azure Data Factory
- Azure Data Lake Storage
- Azure Database for MySQL
- Azure Database for PostgreSQL
- Azure Databricks
- Azure DDos Protection
- azure deployment stacks
- Azure DevOps
- Azure Disk Storage
- Azure Elastic SAN
- Azure Essentials Show
- Azure ExpressRoute
- Azure Files
- Azure Firewall
- Azure Front Door
- Azure Functions
- Azure Health
- azure hybrid
- Azure Hybrid Networking
- Azure Kubernetes Fleet Manager
- Azure Kubernetes Service
- Azure Kubernetes Service (AKS)
- Azure Landing Zone
- Azure Load Testing
- Azure Local
- Azure Local Disconnected Operations
- Azure Local LENS
- Azure Machine Learning
- Azure Managed Grafana
- Azure Migrate
- Azure Migration
- Azure Monitor
- Azure MySQL Flexible Server
- Azure MySQL Flexible Server Replica
- Azure NAT Gateway
- Azure NetApp Files
- Azure Networking
- Azure Policy
- Azure PowerShell
- Azure Pricing
- Azure Private Link
- Azure Red Hat OpenShift
- Azure Resource Manager
- azure route server
- Azure Sentinel
- Azure Service Fabric
- Azure Site Recovery
- Azure Sphere
- Azure SQL Database
- Azure SQL Managed Instance
- Azure Storage
- Azure Storage Actions
- Azure Storage Mover
- azure traffic flows
- Azure Update Manager
- Azure Virtual
- Azure Virtual Desktop
- azure virtual network manager
- Azure Virtual Network Routing Appliance
- Azure Virtual WAN
- Azure VMware Solution
- azure-ad-b2c
- azure-arc
- azure-b2c
- azure-communication
- azure-signalr
- azurebicep
- azuredevops
- azureopenai
- backend-development
- backstage
- backup
- backups vs DR vs HA
- banned
- Baseline Security Mode
- Batch
- bgp
- Bicep
- bicep-console
- biceplang
- Blizzard
- Book
- bot service
- build an autonomous agent in Copilot Studio step by step
- Business
- Bypass Microsoft Account
- C#
- career
- career-growth
- careerdevelopment
- careers
- Certification
- Certifications
- Charbel Nemnom MCT
- Chrome
- Chromium
- CI/CD automation
- claude-ai
- ClickFix
- Cloud
- Cloud Accelerate Factory
- Cloud Adoption Framework
- Cloud Architecture
- Cloud automation
- Cloud Infrastructure
- Cloud Migration
- cloud networking
- Cloud PC
- cloud-computing
- cloud-engineering
- CloudFamily
- CloudPC
- CNCF
- Code Review
- code-as-documentation
- codegeneration
- codereview
- codex
- Command Line
- Commcault
- community
- Commvault
- Commvault Shift
- Compliance
- compute
- Computer use in Copilot Studio explained
- Conference
- conferences-and-events
- Confidential Compute
- connection monitor
- containers
- content-creation
- Continuous integration
- copilot
- Copilot CLI
- Copilot cowork
- Copilot in Outlook demos
- Copilot in Outlook demos step by step
- Copilot in Outlook examples
- Copilot in Outlook step by step
- Copilot in Outlook use cases
- Copilot studio autonomous agent step by step
- copilot studio topics
- Copilot Studio vs Microsoft Foundry
- Copilot under the hood
- copilot-studio
- Cost Management
- Cost Optimisation
- Create a Microsoft form
- Create a trigger in Copilot Studio
- create an agent trigger copilot studio
- Create an autonomous agent in Copilot studio
- Create copilot agent in copilot studio
- Create Copilot autonomous agent
- credential theft
- cshapr
- csharp
- custom connector copilot studio
- Custom Copilot agents
- custom-auth-extension
- custom-extension
- Cyber Recovery
- Cyberespionage
- Cybersecurity
- Daily Tracker
- Dapr
- data factory
- data lake
- Databases
- DataStream
- DDoS Protection
- Decentralized Identity
- Dedicated
- Default Outbound Access
- deployment
- dev
- Developer Life
- Developer productivity
- Developer Tools
- developer-experience
- developers
- devops
- DevOps automation
- DevOps workflows
- devops-practice
- DevSecOps
- diagram automation
- Diagram Generation
- difference between backup and DR?
- Direct URL
- disaster recovery
- Disconnected
- discuss
- dns
- Domain compromise
- dotnet
- DotNetCore
- DR
- ECMA2
- ECMA2Host
- EF Core
- egress
- Elevation of privilege
- email OTP
- emergency-preparedness
- Engineering Productivity
- enterprise-architecture
- entra
- Entra Account Recovery
- Entra ID
- entra-external-id
- Environments in Power Platform Production Sandbox Trial
- ENvironments sandbox
- Envoy
- Envoy Gateway
- error-message
- Error: You are not authorized to use this connection. Please consider using a different connection
- Event
- Event Grid
- event-listener
- Exam SC-500
- Exam SC-730
- Excalidraw
- Excel Copilot demos
- Excel Copilot tasks
- Exchange Online
- export
- Express Route
- ExpressRoute
- external-id
- fabric
- fabric capacity
- fault tolerance vs high availability
- Feature
- feature-flags
- Features
- federation
- FIDO2
- FIM
- finops
- Firewall
- fluent
- Forest Blizzard (STRONTIUM)
- Forrester Waves
- foundry
- foundry agent service
- Front Door
- Frontline
- FSLogix
- Gallery
- gateway
- gateway api
- genai
- Generative AI
- generative ai gateway
- geometry
- Git
- GitHub
- GitHub Actions
- GitHub Agentic Workflows
- GitHub CLI
- github copilot
- GitHub Copilot Agent Mode
- GitHub Copilot CLI
- GitHub Copilot SDK
- GitHub Pages
- github-repo
- githubcopilot
- githubcopilotcli
- Global Network
- governance
- gpt5
- gtihubcopilot
- guest
- guid
- Hardware
- HashiCorp
- HashiCorp MCP Server
- Health
- homelab
- How to create an environment in Power Platform
- How to link work email account to Microsoft personal account
- how to link work email to microsoft learn profile step by step
- How to link your work or school account to your personal Microsoft Learn account (Step‑by‑Step)
- How-to
- hub-and-spoke
- human-operated ransomware
- Hybrid
- Hybrid + Multicloud
- Hybrid Cloud
- hybrid networking
- Hyper-V
- I book Microsoft exam using my work account
- IaC
- IaC Best Practices
- Idempotence
- identity
- Identity and access management
- Ignite
- image
- import
- In development
- In preview
- Incident response
- influencers
- infra
- Infrastructure As Code
- infrastructureascode
- ingress
- Instructor
- Integration
- Intenet
- Internal Developer Platform
- Internet of Things
- Intune
- iperf
- istio
- Jack Tracy
- Jumpstart
- jwt
- KAITO
- kubernetes
- landing zone
- Landing Zones
- Lateral movement
- Launched
- Leaflet
- Learn Azure
- learning
- LENS
- lessons learned
- Lighthouse
- Link
- LINUX
- LLM
- Load Balancer
- Local AI Deployment
- LocalBox
- Log Alerts
- Log Alerts Dyanmic threshold
- Log Analytics
- Log Analytics Workspace
- Logic Apps
- Logs Ingestion
- M365
- macOS
- Madrid
- Main
- managed private endpoint
- Management
- Management and Governance
- Management Groups
- mathematics
- maximum public websites I can add to copilot studio
- MCP
- MCP integration
- MCP Servers
- mcp simplified
- mcp-server
- MCT
- mfa
- micro deployments
- MicroHack
- Microservices
- Microsoft
- Microsoft 365
- Microsoft Agent 365
- Microsoft Agent Framework
- microsoft ai
- Microsoft Azure
- Microsoft Build
- Microsoft Certification
- microsoft certifications
- Microsoft Certified
- Microsoft Certified Trainer
- Microsoft Defender
- Microsoft Entra
- Microsoft Entra ID (formerly Azure AD)
- Microsoft Fabric
- Microsoft Foundry
- Microsoft Graph
- Microsoft Ignite
- Microsoft Intune
- Microsoft Learn
- Microsoft Security
- Microsoft Security Insights
- Microsoft Sentinel
- Microsoft Sentinel Data Lake
- Microsoft SQL Server
- microsoftfoundry
- Migration
- MIM
- Minecraft
- Mobile
- Model Context Protocol
- MongoDB
- Monitoring
- ms-4022
- MSEvents
- MSIgnite2025
- Multi-cloud
- multi-cluster
- multicloud
- Musings
- mvp
- native-authentication
- Natural language programming
- network architecture
- network performance
- Network security
- network security group
- network security perimeters
- Network Watcher
- networking
- new
- News
- nginx ingress
- NSG
- nsps
- nva
- OAuth
- oauth2.0
- oidc
- Okta
- onelake
- OOBE bypass
- open source
- open webui
- open-api
- openai
- opencode
- opencode-go
- opensource
- openweight
- Opinion
- Outlook
- PaaS
- Packet Capture
- passwords
- patterns
- Pester
- Phishing
- Platform Engineering
- Platform Landing Zone
- Platform Landing Zones
- pls
- plsdc
- Pluralsight
- Policies
- policy
- Power Platform environments explained
- power-platform
- powershell
- powertoys
- Pricing
- Pricing & Offerings
- Private Endpoint
- private link
- private link service direct connect
- private-key-jwt
- Process Improvement
- production
- Productivity
- programming
- project radius
- Prototyping
- Proximity project
- Pull request management
- pullrequest
- pyspark
- python
- qperf
- Queue Storage
- rag
- ransomware
- rate limit
- RBAC
- RDP
- Recovery point Objective vs Recovery Time Objective (RTO)
- Regions & Datacenters
- register
- Reliability
- remote access
- remotion
- Repository management
- resource-owner-password
- REST API
- Retirements
- ropc
- route table
- routing
- RPO vs RTO
- Run
- SaaS
- SAML
- Sapphire Sleet
- SC-500 Exam
- SC-730
- SC-730 Exam
- sd-wan
- SDK and Tools
- sdn
- sdn appliance
- search
- Secret Blizzard
- security
- Sentinel
- Sentinel data lake
- serverless
- service bus
- service mesh
- Services
- Shared
- Shift Virtual
- SIEM
- sign-up
- signalr
- Simple Log Search Alerts
- sirius appiance
- Sleet
- SLZ
- softare-development
- Software-Defined Networking
- software-development
- software-engineering
- software-testing
- Sovereign Clod
- Sovereign Cloud
- Sovereign Landing Zone
- Spain
- Spark
- speaking
- spoke-to-spoke
- sql
- SQL Server
- SQL Server on Azure Virtual Machines
- sqlcmd
- SSO
- State-sponsored threat actor
- storage
- Storm
- subnet
- subnet peering
- swagger
- synapse
- Sysprep
- Table Storage
- Tags
- Tasks to perform in Copilot Excel
- teams
- Technology
- Tempest
- Terminal
- Terraform
- Terraform Cloud
- Terraform Modules
- Terraform Registry
- terraform-stacks
- terragrunt
- the benefits of linking work email to microsoft learn personal profile
- Thomas Maurer
- token-issuance
- topics
- topics in copilot studio explained
- Trainer
- Troubleshoot
- troubleshooting
- tutorial
- udr
- unattend xml
- Uncategorized
- updated
- Updates
- URL
- user-defined route
- V2
- VDI
- verifiable-credentials
- Verified ID
- Video
- virtual desktop
- Virtual Event
- virtual machine
- Virtual Machine Scale Sets
- Virtual Machines
- virtual network
- virtual network appliance
- virtual network flow logs
- Virtual Network Gateway
- Virtual Network Peering
- virtual network routing appliance
- Virtual Networks
- Virtual WAN
- Virtualization
- VirtualMetric
- VirtualMetric DataStream
- VNet
- VNet Peering
- voice-models
- vpn
- VPN Gateway
- vrna
- VS Code
- vue
- vwan
- W365
- Web
- web application firewall
- Webinar
- websocket
- WEC
- WEF
- what are copilot studio topics
- what can I do in Copilot Excel
- what can i do in excel using Microsoft 365 Copilot
- What is a backup?
- What is a declarative agent?
- What is a trigger in Copilot Studio?
- what is Bing Custom Search
- what is disaster recovery?
- what is fault tolerance?
- what is high availability?
- what is model context protocol for beginners
- What is Prompt Copilot Studio
- What is replication?
- what is the difference between DR and HA?
- What is the Microsoft 365 Frontier programme?
- what is workIQ
- what-if
- Windows
- Windows 10
- Windows 11
- Windows 365
- Windows 365 Frontline
- Windows 365 Link
- Windows App
- Windows Console
- Windows deployment
- Windows imaging
- Windows Package Manager
- Windows Server
- Windows Store
- Windows Subsystem for Linux (WSL)
- Windows Terminal
- windows11
- Windows365
- winget
- winui
- wordpress
- WorkIQ vs Microsoft Graph
- XDR
- XML Graph Model
- yaml
- YAML workflow automation
- Year In Review
- Yubikey
- Zero Trust
- zero trust workshop AI
- All
- Aidan Finn
- Alan Kinane
- Az Advertizer
- Azure Community Enthusiasts
- azurefeeds
- Azure Tar
- Carlos Mendible
- Charbel Nemnom
- Dan Rios
- Daniel Bradley
- Darren Robinson
- Dieter Gobeyn
- Freek Berson
- George Ollis
- Gijs Reijn
- Gregor Suttie
- Imran Rashid
- Jake Walsh
- Jaliya Udagedara
- Jamie Maguire
- Jesse (JSON) Loudon
- Joe Carlyle
- John Kilmister
- John Lokerse
- John Savill
- Jose Moreno
- Josh King
- Leo Visser
- Luke Murray
- Maik van der Gaag
- Marc Duiker
- Mark Tinderholt
- Matt Felton
- Nicholas Chang
- Nicola Delfino
- Olivier Miossec
- Peter De Tender
- Pixel Roberts
- Rory Braybrook
- Roy Kim
- Sarah Lean
- Scott Hanselman
- Stanislav Zhelyazkov
- Sucheta Gawade
- Tao Yang
- Thomas Maurer
- Thomas Thornton
- Tobias Zimmergren
- Travis Roberts
- Vukašin Terzić
- Will Velida
April 17, 2026
Published by azurefeeds on April 17, 2026
Categories
In this article Sapphire Sleet’s campaign lifecycle Defending against Sapphire Sleet intrusion activity Microsoft Defender detection and hunting guidance Indicators of compromise Executive summary Microsoft Threat […]
April 2, 2026
Published by azurefeeds on April 2, 2026
Categories
In this article Analysis of the attack Mitigation and protection guidance Microsoft Defender detections Indicators of compromise Hunting queries On March 31, 2026, two new npm […]