Mastering Data Ingestion in Microsoft Sentinel
In this post, we examine how to review and master your data connectors to optimize ingestion. Organizations worldwide are investing […]
Building a Microsoft Sentinel Data Use Case
Join me this week to gain an in-depth understanding on how to clearly define what data to retain. Data retention is not just a regulatory box to tick; it’s the backbone of a robust security posture. In the realm of Microsoft Sentinel, understanding how to manage your data retention is key to leveraging the full potential of your SIEM system. From cost management to compliance, the way you handle data can make or break your security operations.
Azure Updates – Number 101 – November 2, 2024
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Data Retention in Sentinel – Where to Start
Join me for as we explore one of the critical aspects of using Microsoft Sentinel — understanding data retention and how to get started. Data retention in Microsoft Sentinel involves managing how long data is kept within your Log Analytics workspace. This is crucial for compliance, incident response, log searchability, and cost management.
Azure Updates – Number 100 – October 19, 2024
I am thrilled to announce to have reached a significant milestone – our 100th Azure Updates blog post!
Over the past few years, we’ve shared countless updates, tips, and insights to help you make the most of Azure’s ever-evolving ecosystem.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Using Threat Intelligence in Microsoft Sentinel to Enhance Incidents
In this article, we explore real world automation and improvements to Sentinel Incidents. Leveraging Microsoft Sentinel Playbooks you can streamline your SOC security operations and respond to incidents faster and with the information your Analysts need to make decisions. A key component of this process is the integration of Threat Intelligence (TI) to enrich incident data with critical context – before anyone opens that incident to investigate.
Azure Updates – Number 99 – October 5, 2024
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Azure Updates – Number 98 – Sept 21, 2024
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Azure Updates – Number 97 – September 7, 2024
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
How to Find Users With & With-Out MFA Quickly
Wondering where to get started finding all the users in your Entra ID that do not have MFA enabled? Here’s some quick PowerShell to get you started and easily identify what users may be missed by your conditional access policies.