0
AzureTracks.com - Microsoft Sentinel data retention basics - superhero of data retention pictured center with a shield and red cape.

Building a Microsoft Sentinel Data Use Case

Join me this week to gain an in-depth understanding on how to clearly define what data to retain. Data retention is not just a regulatory box to tick; it’s the backbone of a robust security posture.  In the realm of Microsoft Sentinel, understanding how to manage your data retention is key to leveraging the full potential of your SIEM system.  From cost management to compliance, the way you handle data can make or break your security operations.

Posted on 8:40 am
0
AzureTracks.com - where to start with data retention - shown is a stack of servers that may store data.

Data Retention in Sentinel – Where to Start

Join me for as we explore one of the critical aspects of using Microsoft Sentinel — understanding data retention and how to get started.  Data retention in Microsoft Sentinel involves managing how long data is kept within your Log Analytics workspace.  This is crucial for compliance, incident response, log searchability, and cost management.

Posted on 7:10 am

Using Threat Intelligence in Microsoft Sentinel to Enhance Incidents

In this article, we explore real world automation and improvements to Sentinel Incidents. Leveraging Microsoft Sentinel Playbooks you can streamline your SOC security operations and respond to incidents faster and with the information your Analysts need to make decisions. A key component of this process is the integration of Threat Intelligence (TI) to enrich incident data with critical context – before anyone opens that incident to investigate.

Posted on 7:07 am
0

Azure Updates – Number 95 – July 27, 2024

A summary update on Azure News that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Every update is linked to it’s original Microsoft Azure, Microsoft Sentinel or other blog source. Hopefully this will save you some time digging around to find recent releases and changes.

Posted on 10:41 am
0

Find Failed Create Operations in Azure using KQL

Today, we embark on a thrilling quest through the Azure cosmos to uncover the secrets of failed create operations using Kusto Query Language (KQL). This quick post will equip you with the knowledge to track down those elusive “create” mishaps and help find clues behind these operations quickly.

Posted on 8:00 am
0
AzureTracks.com investigate using KQL and find deleted or hidden log entries.

Unveil Delete Operations in Azure using KQL

In this blog post, we’ll explore how to wield the mighty KQL to uncover those elusive “delete” actions within your Azure environment. Whether you’re a seasoned cloud explorer or just dipping your toes into the Azure waters, this guide will equip you with the knowledge to track down those vanishing resources.

Posted on 6:58 am
0
A person looking at a chalkboard with many formulas and numbers. Let's talk about cost estimation and analysis!

Defender for Cloud Cost Controls

Finding the true cost of cloud SaaS tooling is a complicated and elusive task. Microsoft has some different tools we can use to try and estimate costs that we’ll cover in this post. There are challenges in accurately estimating cloud consumption and usage costs due to day-to-day variances in that usage and other factors. Let’s explore MDC cost estimating together!

Posted on 7:05 am
0

Fortifying Your Cyber Defenses: Preventing Unmanaged Device Compromises

In the evolving landscape of cyber threats, ransomware operators are increasingly targeting unmanaged devices. These devices, including personal devices used for work-related tasks, often lack the robust security measures found in managed systems. Understanding these evolving threats and taking proactive steps to protect your organization is paramount. Today, our article delves into the challenges posed by unmanaged device compromises and offers comprehensive, actionable measures to bolster your defenses.

Posted on 7:23 am
0
Malinois IT Security Ninja

Strengthening Cyber Defenses Against Modern Threats

In today’s digital age, cyber threats have evolved into sophisticated attacks that exploit vulnerabilities on an unprecedented scale. It’s crucial to understand these threats and take proactive steps to protect your organization. In this article, we explore the evolving landscape of cybercrime and provide actionable measures to safeguard your digital assets. Today, we continue our journey through Microsoft’s Digital Defense Report 2023 and look at some actionable steps that can be taken to improve your organization’s security posture.

Posted on 8:18 am