secure365 DevOps – Behind the Scenes – May 2026

This month, there’s been a lot of development work going into identifying key new indicators, threat hunting, and a really useful new Workbook. Here’s a snapshot of what’s new: 

• We’ve obtained indicators related to the recently disclosed Windows exploits, deployed analytic rules against them across all environments.  

• The DevOps team worked on a joint threat hunting exercise with the SOC Analyst team. This is really important work since it means we are working pre-emptively ahead of possible threats, rather than merely reacting to possible existing breaches or incidents. Lots of great work, with exactly the right answer found potential threats identified and analytics rules put in place to identify and mitigate, but as yet, no signs of compromise found. 

• Diagnostic Settings Management – This workbook provides a controlled and targeted approach to managing Azure Diagnostic Settings within the secure365 service. It enables users to selectively enable or disable diagnostics on specific resources, such as Public IPs, Virtual Networks, Storage Accounts, Key Vaults, and Logic Apps – ensuring that only relevant resources are configured to send logs to the Log Analytics workspace. The feature is designed to complement existing Azure Policy-based automation, which enforces diagnostic settings at scale. 

Keep an eye open for more Behind the Scenes secure365 announcements from Softwerx!