Real world business tracks leading towards Azure Services
Join me as we walk through creating a custom Microsoft Sentinel Analytics Rule using KQL to identify suspicious login patterns based on failed attempts. We will explore the different components of creating these custom rules, what tuning looks like, and creating incidents from the rules.
Today we take a detailed look at building our own Sentinel Playbooks and gathering information on an Incident automatically. Join me as we build automation to update Alerts with detailed IP lookup information as comments. With basic research done automatically, we can save a lot of time!
Today, we will explore some enhancements to your Microsoft Sentinel environment. I look at optimizing the ticket queue and working to prevent ticket overload. Join me to explore Automation Rules.
Join me to explore next steps once you have investigated an incident. Taking action to respond to the threat in Microsoft Sentinel provides excellent automated response capabilities that can be used to respond to threats in real-time. Let’s explore!
Knowing where to start with Sentinel Incidents speeds remediation and supports making better decisions. Today, let’s take a look at monitoring and responding to cyber threats using Microsoft Sentinel.
Today, we explore creating custom Automation Rules in Microsoft Sentinel to help us auto-close low value incidents. Let’s look at how we can automatically close & impact incidents and make it all work using PowerShell!
Today, we expand on and explore rapid Microsoft Sentinel deployment using PowerShell. This model of repeatable, consistent, and fast deployments is a great way to help build our own skills up, and build a resilient and robust deployment method we can count on.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Save time digging around to find recent releases and changes.
A common challenge after deploying Microsoft Sentinel has been how to keep track of your Data Connector health status. Last article, we explored getting a handle on our Microsoft Sentinel data connectors health. This week, we look visualizing and using that data with Sentinel Workbooks.
A common challenge after deploying Microsoft Sentinel has been how to keep track of Data Connectors health. Today, we take a look at getting a handle on how to start monitoring our Microsoft Sentinel data connectors health.
