In today’s post I talk about responding to a compromised identity in Microsoft Entra ID. There is a lot of advice floating around on what to do and how to respond; in this post I’m bringing experiences and existing guidelines together to provide a solid foundational starting point for identity-based incident response.
This week continues our look at an ongoing set of Governance tasks that we can do to keep our Sentinel instances working smoothly and helping our SOC team stay focused on handling Incidents and threat hunting. Today we continue our detailed look, covering not only what to review but also walking through the steps together. In today’s article we will review even more deep-dive details on how to optimize and maintain your Sentinel instances in a meaningful fashion. This week, we talk data management, automations, and RBAC.
This week we continue our mini-series looking at Sentinel Governance tasks that we can do to keep our favourite SIEM/SOAR solution working smoothly to detect attacks and provide visibility into threats to our environments. Sentinel is like having a superhero team that protects your enterprise from cyber threats! 🦸‍♂️🦸‍♀️
This week I take a brief look at some ongoing Governance tasks that we can do to keep our Sentinel instances working smoothly and helping our SOC team have a better day. Making a living finding needles in a haystack can be hard, so let’s look at some best practices for governance to help our SOC team focus on finding those little clues!
Finding the true cost of cloud SaaS tooling is a complicated and elusive task. Microsoft has several tools we can use to try to estimate costs, which we’ll cover in this post. There are challenges in accurately estimating cloud consumption and usage costs due to day-to-day variances in that usage and other factors. Let’s explore MDC cost estimation together!