Update October 2024

Helper/rssextract.ps1

@@ -1,54 +1,41 @@
-# Define the URL of the RSS feed
-# Sentinel
-#$rssUrl = "https://t#echcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftSentinelBlog&size=20"
-# Defender for Cloud
-#$rssUrl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftDefenderCloudBlog&size=20'
-# mdti
-#$rssUrl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=DefenderThreatIntelligence&size=20'
-# sec copilot
-#$rssUrl = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=SecurityCopilotBlog&size=20"
-# iot
-#$rssUrl = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftDefenderIoTBlog&size=20"
-# entra ID
-#$rssurl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=6042109320470044639&board=Identity&size=20'
-# ca kenneth
-#$rssUrl = "https://www.vansurksum.com/category/conditional-access/feed/?posts_per_page=500"
-# chronlund
-#$rssUrl = 'https://danielchronlund.com/category/conditional-access/feed/?posts_per_page=500'
-# MDE
-#$rssurl = 'https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderATPBlog&size=20'
-# EASM
-#$rssUrl = 'https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderExternalAttackSurfaceMgmtBlog&size=20'
-# tvm
-#$rssUrl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=Vulnerability-Management&size=25'
-# xdr
-#$rssUrl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftThreatProtectionBlog&size=25'
+# Define an array of RSS URLs and their corresponding output file paths
+$rssFeeds = @(
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftSentinelBlog&size=20"; OutFile = "c:\temp\Sentinel_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftDefenderCloudBlog&size=20"; OutFile = "c:\temp\DefenderForCloud_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=DefenderThreatIntelligence&size=20"; OutFile = "c:\temp\MDTI_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=SecurityCopilotBlog&size=20"; OutFile = "c:\temp\SecCopilot_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=-1596964823266872039&board=MicrosoftDefenderIoTBlog&size=20"; OutFile = "c:\temp\IoT_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=6042109320470044639&board=Identity&size=20"; OutFile = "c:\temp\EntraID_rssdump.txt" },
+    @{ Url = "https://www.vansurksum.com/category/conditional-access/feed/?posts_per_page=500"; OutFile = "c:\temp\CAKenneth_rssdump.txt" },
+    @{ Url = "https://danielchronlund.com/category/conditional-access/feed/?posts_per_page=500"; OutFile = "c:\temp\Chronlund_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=MicrosoftDefenderATPBlog&size=20"; OutFile = "c:\temp\MDE_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=DefenderExternalAttackSurfaceMgmtBlog&size=20"; OutFile = "c:\temp\EASM_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=Vulnerability-Management&size=25"; OutFile = "c:\temp\TVM_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftThreatProtectionBlog&size=25"; OutFile = "c:\temp\XDR_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftDefenderforOffice365Blog&size=25"; OutFile = "c:\temp\MDO_rssdump.txt" },
+    @{ Url = "https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftSecurityandCompliance&size=40"; OutFile = "c:\temp\SecurityCompliance_rssdump.txt" }
+)
 
-# mdo
-#$rssUrl =  'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftDefenderforOffice365Blog&size=25'
+# Iterate over each RSS feed in the array
+foreach ($feed in $rssFeeds) {
+    $rssUrl = $feed.Url
+    $outfile = $feed.OutFile
 
-# security and compliance
-$rssUrl = 'https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom-blog-rss?tid=860249516929499341&board=MicrosoftSecurityandCompliance&size=40'
+    # Fetch the RSS XML data
+    $response = Invoke-WebRequest -Uri $rssUrl
+    $rss = [xml]$response.Content
 
+    # Iterate over each item in the RSS feed
+    foreach ($item in $rss.rss.channel.item) {
+        $title = $item.title
+        $url = $item.link
+        $pubdate = $item.pubDate
 
+        # Create a markdown link for the RSS item
+        $md = "- " + "[" + $title + "]" + "(" + $url + ")"
 
-$outfile = "c:\temp\rssdump.txt"
-# Fetch the RSS XML data
-$response = Invoke-WebRequest -Uri $rssUrl
-# Load XML from the response
-$rss = [xml]$response.Content
-# Iterate over each item in the RSS feed
-foreach ($item in $rss.rss.channel.item) {
-    # Extract the title and link
-    $title = $item.title
-    $url = $item.link
-    $pubdate = $item.pubDate
-
-    # Print the title and URL
-    #Write-Output "Title: $title"
-    #Write-Output "URL: $url"
-    #Write-Output "PubDate: $pubdate"
-
-    $md = "- " + "[" + $title + "]" + "(" + $url + ")"
-    $md | Out-File -FilePath $outfile -Append -Force
+        # Output to the specific file for this RSS feed
+        $md | Out-File -FilePath $outfile -Append -Force
+    }
 }
+

docs/entraid.md

@@ -8,6 +8,13 @@
 
 ## Microsoft Tech Community Blogs
 
+- [Microsoft Security announcements and demos at Authenticate 2024](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-security-announcements-and-demos-at-authenticate-2024/ba-p/4263029)
+- [What's new in Microsoft Entra - September 2024](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/what-s-new-in-microsoft-entra-september-2024/ba-p/4253153)
+- [Explore the key benefits of Microsoft Entra Private Access](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/explore-the-key-benefits-of-microsoft-entra-private-access/ba-p/3905449)
+- [Join us at the Microsoft Entra Suite Showcase!](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/join-us-at-the-microsoft-entra-suite-showcase/ba-p/4250628)
+- [Microsoft Entra Internet Access now generally available](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-internet-access-now-generally-available/ba-p/3922547)
+- [Omdia’s perspective on Microsoft’s SSE solution](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/omdia-s-perspective-on-microsoft-s-sse-solution/ba-p/4237794)
+- [MFA enforcement for Microsoft Entra admin center sign-in coming soon](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/mfa-enforcement-for-microsoft-entra-admin-center-sign-in-coming/ba-p/4230849)
 - [Face Check is now generally available](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/face-check-is-now-generally-available/ba-p/4175880)
 - [Public preview: Microsoft Entra ID FIDO2 provisioning APIs](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/public-preview-microsoft-entra-id-fido2-provisioning-apis/ba-p/4062699)
 - [Migrate ADAL apps to MSAL with enhanced insights](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/migrate-adal-apps-to-msal-with-enhanced-insights/ba-p/4194361)

docs/learn.md

@@ -9,6 +9,7 @@
 
 ## Ninja Trainings
 
+- [Welcome to the Microsoft Incident Response Ninja Hub](https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/welcome-to-the-microsoft-incident-response-ninja-hub/ba-p/4243594)
 - [Microsoft Sentinel & Defender XDR Virtual Ninja Training](https://adoption.microsoft.com/en-us/ninja-show/)
 - [Train your security staff for Microsoft Defender XDR](https://learn.microsoft.com/en-us/defender-xdr/microsoft-365-defender-train-security-staff)
 - [Become a Microsoft Defender for Endpoint Ninja](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-ninja-training-august-2021/ba-p/2611623)
@@ -21,5 +22,6 @@
 - [Become a Microsoft Defender Vulnerability Management Ninja](https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/become-a-microsoft-defender-vulnerability-management-ninja/ba-p/4003011)
 - [Become a Microsoft Sentinel Ninja](https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310)
 
+## Microsoft Airlift
 
-
+- [Microsoft Airlift](https://airlift.microsoft.com/home_public)

docs/mdc.md

@@ -6,6 +6,9 @@
 
 ## Microsoft Tech Community Blogs
 
+- [Monthly News - October 2024](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/monthly-news-october-2024/ba-p/4260397)
+- [Introducing the new File Integrity Monitoring with Defender for Endpoint integration](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/introducing-the-new-file-integrity-monitoring-with-defender-for/ba-p/4252051)
+- [Monthly News - September 2024](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/monthly-news-september-2024/ba-p/4235917)
 - [Detect Container Drift with Microsoft Defender for Containers](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/detect-container-drift-with-microsoft-defender-for-containers/ba-p/4232044)
 - [Securing Multi-Cloud Gen AI workloads using Azure Native Solutions](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/securing-multi-cloud-gen-ai-workloads-using-azure-native/ba-p/4222728)
 - [Using Defender XDR Portal to hunt for Kubernetes security issues](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/using-defender-xdr-portal-to-hunt-for-kubernetes-security-issues/ba-p/4217741)

docs/mde.md

@@ -12,6 +12,7 @@
 
 ## Microsoft Tech Community Blogs
 
+- [Security settings management is available for multi-tenant environments in Microsoft Defender XDR](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/security-settings-management-is-available-for-multi-tenant/ba-p/4250996)
 - [Microsoft Defender for Endpoint’s Safe Deployment Practices](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-s-safe-deployment-practices/ba-p/4220342)
 - [Detect compromised RDP sessions with Microsoft Defender for Endpoint](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/detect-compromised-rdp-sessions-with-microsoft-defender-for/ba-p/4201003)
 - [Reduce friction and protect faster with simplified Android onboarding](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/reduce-friction-and-protect-faster-with-simplified-android/ba-p/4206049)
@@ -251,6 +252,9 @@
 
 ## Community Blogs
 
+- [Unleash The Power Of DeviceTvmInfoGathering](https://kqlquery.com/posts/devicetvminfogathering/)
+- [Peeking Behind the Curtain: Finding Defender’s Exclusions](https://blog.fndsec.net/2024/10/04/uncovering-exclusion-paths-in-microsoft-defender-a-security-research-insight/)
+- [Manage Defender for Endpoint for Windows, macOS, and Linux via Security settings management](https://jeffreyappel.nl/manage-mde-for-windows-macos-and-linux-via-security-settings-management/)
 - [Microsoft Defender for Endpoint Deployment rings](https://github.com/mattnovitsch/M365/wiki/Microsoft-Defender-for-Endpoint-Deployment-rings)
 - [Common mistakes during Microsoft Defender for Endpoint deployments](https://jeffreyappel.nl/common-mistakes-during-microsoft-defender-for-endpoint-deployments/)
 - [Analyzing MDE Network Inspections](https://hybridbrothers.com/analyzing-mde-network-inspections/)

docs/mdeasm.md

@@ -24,6 +24,7 @@
 
 ## Community Blogs & Videos
 
+- [Integrating Defender EASM with Microsoft Sentinel Guide](https://charbelnemnom.com/connect-defender-easm-to-microsoft-sentinel/#google_vignette)
 - [Connect Microsoft Defender EASM to Microsoft Sentinel for Incident enrichment](https://derkvanderwoude.medium.com/connect-microsoft-defender-easm-to-microsoft-sentinel-for-incident-enrichment-521efd6dd684)
 - [Introduction into Microsoft Defender EASM (External Attack Surface Management)](https://derkvanderwoude.medium.com/introduction-into-microsoft-defender-easm-external-attack-surface-management-3fdee6ccf256)
 - [Microsoft Defender EASM - External Attack Surface Management](https://www.youtube.com/watch?v=RvV7RZ1puV4)

docs/mdo.md

@@ -7,6 +7,8 @@
 
 ## Microsoft Tech Community Blogs
 
+- [Use community queries to hunt more effectively across email and collaboration threats](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/use-community-queries-to-hunt-more-effectively-across-email-and/ba-p/4254664)
+- [Improve end user resilience against QR code phishing](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/improve-end-user-resilience-against-qr-code-phishing/ba-p/4225742)
 - [How your submissions to Defender for Office 365 are processed behind-the-scenes](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/how-your-submissions-to-defender-for-office-365-are-processed/ba-p/4231551)
 - [Secure architecture design – How Defender for Office 365 protects against EchoSpoofing](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/secure-architecture-design-how-defender-for-office-365-protects/ba-p/4225358)
 - [Automate Tenant Allow/Block List entries](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/automate-tenant-allow-block-list-entries/ba-p/4213201)

docs/mdti.md

@@ -7,6 +7,8 @@
 
 ## Microsoft Tech Community Blogs
 
+- [New Copilot for Security Plugin Name Reflects Broader Capabilities](https://techcommunity.microsoft.com/t5/microsoft-defender-threat/new-copilot-for-security-plugin-name-reflects-broader/ba-p/4258810)
+- [MDTI for Government Now Available](https://techcommunity.microsoft.com/t5/microsoft-defender-threat/mdti-for-government-now-available/ba-p/4258823)
 - [Introducing the MDTI Article Digest](https://techcommunity.microsoft.com/t5/microsoft-defender-threat/introducing-the-mdti-article-digest/ba-p/4223917)
 - [Introducing the MDTI Premium Data Connector for Sentinel](https://techcommunity.microsoft.com/t5/microsoft-defender-threat/introducing-the-mdti-premium-data-connector-for-sentinel/ba-p/4220346)
 - [More Threat Intelligence Content In MDTI, TA Enables Better Security Outcomes](https://techcommunity.microsoft.com/t5/microsoft-defender-threat/more-threat-intelligence-content-in-mdti-ta-enables-better/ba-p/4177542)