The first time you enable a new feature in Sentinel, you usually get one of two outcomes: either nothing happens for hours, or you get…
All about M365, Azure and Security
Welcome to this week’s Microsoft Security digest, covering the most significant updates across Microsoft Sentinel, Defender XDR, and the broader security ecosystem. From AI-powered automation…
Weekly digest covering Sentinel data lake KQL execution modes, notebooks, and a Feb 25 Advanced Hunting export schema change.
Every SOC has that moment. If you have spent time in a SOC, you know this feeling all too well. An alert pops up. Then…
Discover how Security Orchestration, Automation, and Response (SOAR) in Microsoft Sentinel can streamline your cybersecurity operations. This guide unpacks the core components of SOAR, illustrating…
Let’s audit your Microsoft Certification Authority with Microsoft Sentinel and be one step ahead of the attacker. More and more services depend on certificates for…
Introduction: With Microsoft Intune you can manage most of your endpoints like Windows 10/11, Android, iOS, macOS and the newest operating systems: Chrome and Linux…
I already made some posts on how to implement and connect data sources to Microsoft Sentinel. The other side is that you have to pay per…
Microsoft released a new agent named Azure Monitor Agent (AMA) to forward logs to a Log Analytics workspace and is about to send the old Microsoft…
This post depends on our previous posts. You should read them first to work with the same environment: To understand what we configure, we have…