AzureTracks

Azure Lighthouse & Sentinel at Scale – Part 3

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about the best practices and security baseline of using Azure Lighthouse. This is the last in a mini-series of three posts about Azure Lighthouse and Sentinel at scale; we have looked in detail at delegated permissions, what Azure Lighthouse is all about, and now we look at the best practices and how to deploy!

Posted on April 11, 2024 6:55 am

Azure

Azure Lighthouse & Sentinel at Scale – Part 2

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about delegation using Azure Lighthouse in enterprise scenarios and how an MSP might use delegation to optimize SOC operations. Join me for a good look at delegation & Lighthouse!

Posted on March 28, 2024 7:19 am

Azure

Azure Lighthouse & Sentinel at Scale

In this post we begin to explore enabling multitenant management with scalability, higher automation, and enhanced governance across resources. I think an Azure Lighthouse walk-through is long overdue here, so let’s get ready to talk about how to scale operations or a SOC to manage multiple tenants, enhance governance, all delivered using native Azure tooling! Let’s learn what makes Lighthouse so great for a SOC when working in multiple tenants!

Posted on March 14, 2024 7:12 am

Azure

Sentinel Health Data Visualization & Reporting

A common challenge after deploying Microsoft Sentinel has been how to keep track of your Data Connector health status. Last article, we explored getting a handle on our Microsoft Sentinel data connectors health. This week, we look visualizing and using that data with Sentinel Workbooks.

Posted on December 20, 2022 7:10 am

Azure

Sentinel Data Connector Health Monitoring

A common challenge after deploying Microsoft Sentinel has been how to keep track of Data Connectors health. Today, we take a look at getting a handle on how to start monitoring our Microsoft Sentinel data connectors health.

Posted on December 13, 2022 7:05 am

Monitoring

M365 Operating Guide for Sec Ops Teams – Use with Microsoft Sentinel

When building out a SOC team, many organizations quickly realize that there are very few silos left in IT when it comes to cloud. Our SOC members need to have cloud platform skills, M365, Exchange, Active Directory, Azure Active Directory, Windows Server, REHL, and so many more skills. To say this a different way; our cloud landscape is flat, and we need members that have a wide band of skills with some specialties mixed in. This is complex to say the least, and with labour challenges in our post-covid world, we need ways to upskill our teams and build out operations manuals and tasks to support those teams.

Posted on October 25, 2022 7:30 am

Automation

AzureTracks - Microsoft Sentinel - Log Analytics workspace Data Cap - A man working on data graphs at a desk

Set Log Analytics Workspace Data Cap

Let’s take a look at setting data ingestion caps in an Azure Log Analytics workspace today. There are different reasons why we may want to limit the data coming into our storage account, today we look at both setting the data cap, and alerting us when that data cap is reached through Azure Monitor alerting.

Posted on October 7, 2022 9:35 am

Azure

Azure Updates – Number 36 – May 7, 2022

A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Save time digging around to find recent releases and changes. Released May 7, 2022.

Posted on May 7, 2022 9:07 am

Azure

Azure Updates – Number 22 – October 23, 2021

Posted on October 23, 2021 9:20 am

Automation

Azure Updates – Number 6 – March 13, 2021

Posted on March 13, 2021 9:18 am

Category: Monitoring