About me

Hi, I’m Dimosthenis, a Senior Cloud Architect specialising in Microsoft 365 and Microsoft 365 Security using Microsoft Defender products.

Dimosthenis Atteia

I work day-to-day with the Microsoft cloud security stack like Defender XDR, Sentinel, Entra ID, Intune, Purview, and the rapidly evolving Security Copilot platform, and I write here to share what works in the real world, what doesn’t, and what’s worth your attention as a practitioner.

This blog is practical, hands-on, and opinionated. It’s not a copy of Microsoft Learn. The goal is to fill the gap between official documentation and what you actually face in production.


What you’ll find here

  • Microsoft Security Copilot, Prompts, plugins, integration patterns, cost optimisation, and security guardrails.
  • Microsoft 365 hardening, Conditional Access, attack-surface reduction, Defender configuration, baseline architectures.
  • Identity & access, Entra ID, hybrid identity, Kerberos trust, privileged access, and zero-trust building blocks.
  • Detection & response, KQL hunting queries, custom analytics, automation with Logic Apps, incident playbooks.
  • Architecture deep dives, Multi-tenant patterns, cross-cloud integrations, and design decisions for regulated industries.

Expertise areas

  • Category: Microsoft 365
  • Expertise area: Microsoft 365, Microsoft 365 Security

Education, Certifications and Credentials


Get in touch


Disclaimer: All views expressed here are my own and do not represent the views of my employer or any organisation I work with. Code samples and guidance are provided as-is. Always validate in a non-production environment before applying to live systems.