Want to detect NTLM Relay Attacks? link.medium.com/8MlpY7NU2kb
#ThreatHunting #DFIR #MicrosoftSentinel #AzureSentinel #MicrosoftDefender #NTLM
Seems like my old but gold process tree analysis query is able to catch CVE-2021-40444 exploitation.
#ThreatHunting #DFIR #AzureSentinel #MicrosoftDefender
github.com/Cyb3r-Monk/Thr…
Keep eyes 👀 on those Azure AD guests in #MicrosoftSentinel - learnsentinel.blog/2021/11/04/kee… #KQL #AzureSentinel
#Azure #MicrosoftSentinel #azuresentinel #kql
My repo that contains AKS usecases
github.com/le0li9ht/Micro…
#Subex continues to make great partnerships
Now #Microsoft Sentinel integrates #Sectrio (Subex’s #IoT And #OT #Cybersecurity division) TAXII server which will provide its cyber threat intelligence through Subex’s global honeypot networks.
#AzureSentinel
techcommunity.microsoft.com/t5/microsoft-s…
Read about Microsoft's own use of #AzureSentinel
customers.microsoft.com/en-us/story/14…
Cool rule pack for Conditional Access in Sentinel.
#microsoftsentinel #azuresentinel lnkd.in/ghaMZ2_Z
I've written a KQL query that unpacks the parameters from inbox rule creation and allows you to look for suspicious terms in each - gist.github.com/mrrothe/af8cc2… #AzureSentinel #MicrosoftSentinel #KQL #Cybersecurity Azure Sentinel
Know your tool and make the best out of it:
#AzureSentinel #Microsoft #SecurityOperations #KQL
link.medium.com/XffNpzelCkb
The second part of the multi-cloud blog series, this time about ingesting data from Amazon Web Services (AWS) to Microsoft security solutions such as #AzureSentinel & #CloudAppSecurity.
samilamppu.com/2021/09/27/mul…
Azure Sentinel Ninja Training Sept 2021 update is out folks! #azuresentinel Microsoft Security
techcommunity.microsoft.com/t5/azure-senti…
New learning module to get you started with #KQL basics. #LogAnalytics #AzureSentinel docs.microsoft.com/en-us/learn/mo…
Microsoft Security delivers new multicloud capabilities
by Vasu Jakkal
#Microsoft #Security #Cloudknox #DefenderforCloud #Multicloud #AWS #GCP #sentinel #azuresentinel #azuread #azurepaymenthsm lnkd.in/ejfhQWU3
#365daysofkql day 25 - visualize potentially anomalous RDP traffic from your endpoints - github.com/reprise99/Sent… #AzureSentinel #MicrosoftSentinel #KQL
In a strategic move to enhance #cybersecurity measures, #AzureSentinel was meticulously deployed for the Zambia Electricity Supply Cooperation (ZESCO), introducing a myriad of advantages.
Learn more about this #digital transforming journey here: reliance.systems/customerstorie…
Basics introduction article - good starter.
[Article] PowerShell Hunting with Microsoft Sentinel
buff.ly/3KU6kDC
#PowerShell #CloudSecurity #AzureSentinel #MicrosoftAzure