Want to detect NTLM Relay Attacks? link.medium.com/8MlpY7NU2kb
#ThreatHunting #DFIR #MicrosoftSentinel #AzureSentinel #MicrosoftDefender #NTLM

Seems like my old but gold process tree analysis query is able to catch CVE-2021-40444 exploitation.
#ThreatHunting #DFIR #AzureSentinel #MicrosoftDefender

github.com/Cyb3r-Monk/Thr…

Keep eyes 👀on those Azure AD guests in #MicrosoftSentinel - learnsentinel.blog/2021/11/04/kee… #KQL #AzureSentinel

Here's a #kql query that lets you monitor AzureAD B2B policy allowed domain changes github.com/alexverboon/MD… #AzureSentinel #mvpbuzz #AzureAD

#Azure #MicrosoftSentinel #azuresentinel #kql
My repo that contains AKS usecases
github.com/le0li9ht/Micro…

#Subex continues to make great partnerships

Now #Microsoft Sentinel integrates #Sectrio (Subex’s #IoT And #OT #Cybersecurity division) TAXII server which will provide its cyber threat intelligence through Subex’s global honeypot networks.

#AzureSentinel

techcommunity.microsoft.com/t5/microsoft-s…

Read about Microsoft's own use of #AzureSentinel
customers.microsoft.com/en-us/story/14…

If you want to deep dive into Azure Sentinel check out this compilation of training.
#azure #azure sentinel #azure security #cloud #securecloud #microsoft #training
learn.microsoft.com/en-us/azure/se…

Cool rule pack for Conditional Access in Sentinel.
#microsoftsentinel #azuresentinel lnkd.in/ghaMZ2_Z

I've written a KQL query that unpacks the parameters from inbox rule creation and allows you to look for suspicious terms in each - gist.github.com/mrrothe/af8cc2… #AzureSentinel #MicrosoftSentinel #KQL #Cybersecurity Azure Sentinel

Know your tool and make best out of it:
#AzureSentinel #Microsoft #SecurityOperations #KQL
link.medium.com/XffNpzelCkb

The second part of the multi-cloud blog series, this time about ingesting data from Amazon Web Services (AWS) to Microsoft security solutions such as #AzureSentinel & #CloudAppSecurity .

samilamppu.com/2021/09/27/mul…

It’s time for the next session with Sasha Kranjac #Azure #Azure Sentinel #GlobalAzure #GlobalAzure

Azure Sentinel Ninja Training Sept 2021 update is out folks! #azuresentinel Microsoft Security

techcommunity.microsoft.com/t5/azure-senti…

Preview #AzureSentinel features dropping ahead of #MSIgnite ?

New learning module to get you started with #KQL basics. #LogAnalytics #AzureSentinel docs.microsoft.com/en-us/learn/mo…

Microsoft Security delivers new multicloud capabilities
by Vasu Jakkal
#Microsoft #Security #Cloudknox #DefenderforCloud #Multicloud #AWS #GCP #sentinel #azuresentinel #azuread #azurepaymenthsm lnkd.in/ejfhQWU3

#365daysofkql day 25 - visualize potentially anomalous RDP traffic from your endpoints - github.com/reprise99/Sent… #AzureSentinel #MicrosoftSentinel #KQL

In a strategic move to enhance #cybersecurity measures, #AzureSentinel was meticulously deployed for the Zambia Electricity Supply Cooperation (ZESCO), introducing a myriad of advantages.

Learn more about this #digital transforming journey here: reliance.systems/customerstorie…

Basics introduction article - good starter.
[Article] PowerShell Hunting with Microsoft Sentinel
buff.ly/3KU6kDC

#PowerShell #CloudSecurity #AzureSentinel #MicrosoftAzure