Real world business tracks leading towards Azure Services
Join me for as we explore one of the critical aspects of using Microsoft Sentinel — understanding data retention and how to get started. Data retention in Microsoft Sentinel involves managing how long data is kept within your Log Analytics workspace. This is crucial for compliance, incident response, log searchability, and cost management.
I am thrilled to announce to have reached a significant milestone – our 100th Azure Updates blog post!
Over the past few years, we’ve shared countless updates, tips, and insights to help you make the most of Azure’s ever-evolving ecosystem.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
In this article, we explore real world automation and improvements to Sentinel Incidents. Leveraging Microsoft Sentinel Playbooks you can streamline your SOC security operations and respond to incidents faster and with the information your Analysts need to make decisions. A key component of this process is the integration of Threat Intelligence (TI) to enrich incident data with critical context – before anyone opens that incident to investigate.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Wondering where to get started finding all the users in your Entra ID that do not have MFA enabled? Here’s some quick PowerShell to get you started and easily identify what users may be missed by your conditional access policies.
Join me as I explore getting started with threat hunting using Microsoft Sentinel and KQL to jump-start our investigations. We will dive into a world where we look for anomalies in the data and try to identify potential threats before they can escalate within our environment.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
In this post we take a look at using KQL to observe machine status of Azure Arc managed machines. We will look at a couple of examples of how to create some helpful queries and then using those to enable monitoring in Microsoft Sentinel. As organizations adopt a more cloud-centric management model, it is becoming more common to see machines through Azure Arc, but also our Sentinel log collectors via Azure Monitor Agent are deployed using Azure Arc agent; so we need to make sure we can keep tabs on our log collectors and other servers easily.
