Real world business tracks leading towards Azure Services
Today, we explore creating custom Automation Rules in Microsoft Sentinel to help us auto-close low value incidents. Let’s look at how we can automatically close & impact incidents and make it all work using PowerShell!
Today, we expand on and explore rapid Microsoft Sentinel deployment using PowerShell. This model of repeatable, consistent, and fast deployments is a great way to help build our own skills up, and build a resilient and robust deployment method we can count on.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Save time digging around to find recent releases and changes.
A common challenge after deploying Microsoft Sentinel has been how to keep track of your Data Connector health status. Last article, we explored getting a handle on our Microsoft Sentinel data connectors health. This week, we look visualizing and using that data with Sentinel Workbooks.
A common challenge after deploying Microsoft Sentinel has been how to keep track of Data Connectors health. Today, we take a look at getting a handle on how to start monitoring our Microsoft Sentinel data connectors health.
Getting ready to move into Azure Active Directory or make changes to your Microsoft Entra configurations? The last few weeks I’ve talked about MFA and conditional access rules; so this week we will look at the preview for Microsoft Authenticator Policies, then change gears and talk about how to get our users excited about these security enhancements.
With the end of support for Azure MFA server on-premises coming soon, it’s time to start planning the move to Azure cloud-based MFA. Let’s look at the steps to starting our migration to Azure AD MFA.
A common challenge that security teams face is simply not knowing where all the artifacts can be found during an investigation. Let’s explore the different portals where we can quickly explore our data and perform investigations…
A common challenge that security teams face is simply not knowing where all the artifacts can be found during an investigation. Microsoft Defender tools are capable of collecting a lot of data, and that can create questions during investigations of where is all this data and how do I find it quickly? Join me for a tour of the basics of Defender data retention periods and where to find that data.
When building out a SOC team, many organizations quickly realize that there are very few silos left in IT when it comes to cloud. Our SOC members need to have cloud platform skills, M365, Exchange, Active Directory, Azure Active Directory, Windows Server, REHL, and so many more skills. To say this a different way; our cloud landscape is flat, and we need members that have a wide band of skills with some specialties mixed in. This is complex to say the least, and with labour challenges in our post-covid world, we need ways to upskill our teams and build out operations manuals and tasks to support those teams.
