Real world business tracks leading towards Azure Services
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
In today’s post we will look at some different ways to automate incident triage in Microsoft Sentinel. Organizations face an ever-increasing volume of security threats. Cyberattacks are becoming more sophisticated, and the sheer number of alerts can overwhelm even the most seasoned security teams. Automated triage in Microsoft Sentinel emerges as a crucial solution, empowering organizations to respond swiftly and efficiently to potential threats. This is where Microsoft Sentinel’s automated triage capabilities are…
In today’s post we will look at a targeted way to harness the full potential of your Azure security by integrating Microsoft Defender for Cloud with Microsoft Sentinel. This powerful combination allows for advanced threat detection, seamless monitoring, and a unified view of your security posture. We want to select our Sentinel data connectors while being thoughtful. The Microsoft Defender XDR data connector is the modern connector version that we should all use in most cases; but the legacy connector is useful when we have only specific subscriptions that we want to bring into Sentinel. The older, legacy connector, requires the manual selection of the subscriptions to include in the data ingestion; it is the perfect solution if you have a tenant that you only want 2 of the many subscriptions provisioned.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
This article dives deep into the world of Kusto Query Language (KQL) to show you how to create custom analytics rules for detecting high-volume email sends, both internal and external, that might indicate potential security breaches. By leveraging these KQL queries, you can gain valuable insights into your email traffic, identify suspicious patterns, and take proactive measures to safeguard your organization’s data. Targeting a high-risk behaviour from the most recent MDDR, we will explore finding inbox rule compromises on our o365 logs today.
In this post I explore using Sentinel to detect, and respond to threats using custom analytics rules using Kusto Query Language (KQL). This allows you to tailor threat detection to your organization’s specific needs, ensuring that no threat goes unnoticed and tuning the detections to exclude low value and noisy results that clutter up the incident queue.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
