Microsoft MVP, #MEM, #Security and #Automation. Technical Editor for m365securitybook.com. Security @ thecollective.eu. Tweets are my own
Joined January 2010
- Tweets 2,192
- Following 280
- Followers 1,838
- Likes 7,756
209 Photos and videos
Pinned Tweet
18 Jan 2023
I am happy to announce the newest version of the @m365security ebook! It contains multiple new chapters and significant updates in others.
The content covers both #MicrosoftDefender and #MicrosoftSentinel.
Foreword has been written by @rodtrent
m365security.gumroad.com/l/m…
5
30
109
10,699
23 Dec 2025
Excited to be speaking again at a live event!
Join me at MC2MC Connect in February next year!
We’re thrilled to welcome @thijslecomte as our next speaker at MC2MC Connect in Antwerp on February 5th 🎙️
➡️Curious about the agenda or ready to get your 🎟️ connect.mc2mc.be
#MC2MC #ConnectMC2MC #ConnectMC2MC2026 #Connect #Collaborate #Create
ALT https://connect.mc2mc.be/
2
188
Thijs Lecomte retweeted
7 May 2025
Protecting Effectively Against Ransomware bit.ly/4k52Vnk #Ransomware #Security #ActiveDirectory @thijslecomte
1
8
662
15 Jul 2024
Are you struggling to add the correct data into #MicrosoftSentinel? Check out my latest article on @Practical365, detailing some tips and tricks I use.
This is the first article of a small series, focusing on adding networking data into Sentinel.
15 Jul 2024
Practical Sentinel: Adding Networking Data to Microsoft Sentinel 👉 bit.ly/4cAObcI @thijslecomte
#Sentinel #EntraID #Defender
1
2
388
12 Mar 2024
Excited to be taking the stage again, together with @LouisMastelinck to talk about phishing in Microsoft Teams!
[1/2] 📢 Our next in-person event of 2024, MC2MC Live: The Final Frontier, is taking place on Wednesday, April 17th.
We are thrilled to introduce our event line-up, featuring Jens Du Four, Hanna Engel, @thijslecomte, and @LouisMastelinck
🎟️ tinyurl.com/2rfeferb
#MC2MC
ALT https://www.mc2mc.be/events/mc2mc-live-the-final-frontier-2/
1
4
566
Thijs Lecomte retweeted
4 Mar 2024
🚀 This week's newsletter just went out!
Featuring posts from 👇
@charbelnemnom,@benoit_hamet,@msazureacademy,@ntfaqguy,@cloudfirstpod,@rbrayb,@12knocksinna,@shehanperera85,@shaunhardneck,@crookedbong,@nviso_labs,@fabian_bader,@crookedbong,@12knocksinna,@thijslecomte
🧵⬇️
ALT Entra.News #34: This week in Microsoft Entra We look at, not one, but two new conditional access features. New trust direction options come to Entra Domain Services an upcoming Apple Device auth webinar and more!
3
9
33
4,121
27 Feb 2024
Just released a new blog talking about a new CA feature which I have been waiting on for a long time. This allows us to better protect our administrator users against token theft and opens up new ways to secure critical applications.
365bythijs.be/2024/02/27/a-n…
#entraid #ca
1
15
1,650
21 Feb 2024
Going live with @LouisMastelinck in 10 minutes to talk about phishing attacks in Teams
Join here => teamsbuzz.com/room2
4
619
30 Jan 2024
This weekend, I deep dived into the Microsoft hack to see how it happened and what we learned from it.
I linked it to the @ENowConsulting 's Application Governance, which provides insightful recommendations into some common misconfigurations
appgovscore.com/blog/insecur…
2
4
301
30 Jan 2024
Hey! Did you Activativate your Azure PIM role already??
#AzureActivity #MicrosoftSentinelSnafu
30 Jan 2024
Has anyone else noticed in the Sentinel table AzureActivity that if a role is assigned to a resource using PIM the field here has a massive typo under the Target JSON field? I can't get this out of my head.
1
1
5
679
20 Jan 2024
Excited to be speaking at @TeamsNation in February with @LouisMastelinck
We will be discussing a new type of Phishing using Microsoft Teams.
What it is, how to protect against it and how to detect it.
Join us in this free awesome event 👇
teamsbuzz.com/register
3
4
660
15 Jan 2024
Apps within Entra ID remain a security risk in a lot of companies... Check out the blog below on how you can protect your organization against it!
15 Jan 2024
💥App Registrations are highly privileged & often used by #threatactors for privilege escalation attacks in #EntraID
👉 Microsoft MVP @thijslecomte explains how you can protect your organization with the proper permissions in place for attack prevention: enow.software/48vZi4u
5
877
22 Dec 2023
If you like in-depth articles, check out this one below!
It covers, in great detail, how an attack in a cloud environment looks like and how to detect it. Including initial access, persistence, reconnaissance and privilege escalation.
22 Dec 2023
I wrote a blog post about how Entra ID Joined and Hybrid Joined devices can be used to move to #entraid and #cloudsolutions, how to detect it, and what preventive controls you can use.
📜hybridbrothers.com/device-to…
#microsoftsecurity #hybridbrothers
3
10
1,711
20 Dec 2023
As the year is coming to an end, I take some time to look back at what has happened.
A lot of new products (outside of E5)
A lot of copilot
And some detection/reliability issues
Looking forward to what 2024 brings!
2
5
1,483
5 Dec 2023
With the announcement of #MicrosoftDefenderXDR, I wanted to share my thoughts on some of the current pain points in automation with #MicrosoftDefender and #MicrosoftSentinel in this blog 'My wishlist for automation within Microsoft Defender XDR'
365bythijs.be/2023/12/05/my-…
3
12
1,084
1 Dec 2023
Easy going Friday morning.
Baby Duty ✅
Coffee ✅
New blog in progress ✅
1
11
961
27 Nov 2023
Excited to be chosen as the Discussion Leader for 'Automation and SOAR' within the Security CCP. This also marks my first blog in two years, which is changing now. My goal is to bring new life into it, with a focus on automation within Microsoft Security.
365bythijs.be/2023/11/27/dis…
1
10
1,347
27 Nov 2023
If there is any requests in terms of topics, feel free to reply! Looking forward to hearing what people want me to explain/hear my thoughts about.
1
117
19 Nov 2023
Awesome PIM overview! I am still waiting for support to request a full authentication when activating a role. Some integration of authentication context and sign-in frequency everytime would solve this.
This would solve using a stolen token to activate a role.
19 Nov 2023
Entra/Azure AD PIM may not be the security control you think it is.
Here's five common mistakes, limitations, and misunderstandings you want to avoid tripping up with.
Privileged Identity Management (PIM) – Common Microsoft 365 Security Mistakes Series: campbell.scot/pim-common-mic…
1
2
24
8,103
18 Nov 2023
Nathan is speaking true! The past few months, we have been dealing with quality issues in #MDO, inconsistent logging in #MDE and missing some basic features overall.
Yet, all we see is development in products that most organizations don't desire at the moment.
16 Nov 2023
Trying to catch up on all the announcements today
I'm really struggling watching the complexity of all these offerings continue to increase, and we're putting all of our hope of managing it all into AI solutions
1
1
8
3,708
24 Oct 2023
End-users Antispam settings is an unknown but important policy to configure within Exchange Online! #Microsoft365Defender #MDO
3
6
2,282