#microsoftsentinel — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #microsoftsentinel, aggregated by home.social.
-
🚨 Turn threat intelligence into action in @microsoft Sentinel
With the CrowdSec Sentinel Playbook, enrich your alerts using CrowdSec’s CTI and automatically detect malicious IPs involved in auth or security events.
Learn more 👉 https://doc.crowdsec.net/u/cti_api/api_integration/integration_ms_sentinel/
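Added example, not CrowdSec's playbook or documentation: the check the post describes (a source IP in an authentication event that matches a threat-intelligence indicator) written as a plain Sentinel KQL query against the workspace's built-in ThreatIntelligenceIndicator table, so it runs without calling the CrowdSec CTI API. It assumes the Microsoft Entra ID sign-in connector is enabled; the two lookback windows are arbitrary choices.

```kql
// Added example (not CrowdSec's playbook): match sign-in source IPs against
// IP indicators already stored in the ThreatIntelligenceIndicator table.
let dt_lookBack  = 1h;    // window of sign-in events to inspect (assumption)
let ioc_lookBack = 14d;   // how far back to collect indicators (assumption)
let ip_indicators = ThreatIntelligenceIndicator
    | where TimeGenerated >= ago(ioc_lookBack)
    | where Active == true and ExpirationDateTime > now()
    // indicators are re-ingested on update; keep only the latest copy of each
    | summarize LatestIndicatorTime = arg_max(TimeGenerated, *) by IndicatorId
    | where isnotempty(NetworkIP) or isnotempty(NetworkSourceIP)
    | extend TI_ipEntity = coalesce(NetworkIP, NetworkSourceIP)
    | project TI_ipEntity, IndicatorId, ConfidenceScore, ThreatType, Description,
              ExpirationDateTime, LatestIndicatorTime;
SigninLogs
| where TimeGenerated >= ago(dt_lookBack)
| where isnotempty(IPAddress)
| extend SigninTime = TimeGenerated
| join kind=inner ip_indicators on $left.IPAddress == $right.TI_ipEntity
// the indicator must still have been valid at the moment of the sign-in
| where SigninTime < ExpirationDateTime
| project SigninTime, UserPrincipalName, IPAddress, AppDisplayName,
          ResultType, ResultDescription,            // ResultType 0 = successful sign-in
          ConfidenceScore, ThreatType, Description, IndicatorId
// entity mappings a scheduled analytics rule can pick up directly
| extend timestamp = SigninTime, IPCustomEntity = IPAddress, AccountCustomEntity = UserPrincipalName
| order by ConfidenceScore desc, SigninTime desc
```

Successful sign-ins (ResultType 0) from a matched IP are the rows to escalate first; failed ones are mostly password spraying that the indicator already explains. Workspaces migrated to the newer threat-intelligence tables expose indicators through ThreatIntelIndicators with a different schema; the join is the same, only the column names change.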
-
New blog post live for my Sentinel Saturday series!
Read the blog 👉 https://marshsecurity.org/sentinel-saturday-using-tasks-with-automation/
In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.
Most teams aren’t getting the full #value out of Tasks in Microsoft Sentinel. Are you? When you combine Sentinel Tasks with automation, they become a game-changer.
- Auto-create tasks when automation fails (so nothing slips through the cracks)
- Auto-complete tasks when automation succeeds
- Use tasks to verify automation outcomes
- Build engineering feedback loops and automation #QA
Read the blog 👉 https://marshsecurity.org/sentinel-saturday-using-tasks-with-automation/
#MicrosoftSentinel #SentinelAutomation #CyberSecurity #SOCAutomation
#CloudSecurity #AzureSecurity #SIEM #SecOps #Automation #InfoSec
#CyberSecurityCommunity #BlueTeam #ThreatDetection #SecurityEngineering #SecurityOperations
-
🚨 GreyNoise for Microsoft Sentinel is here!
Filter out internet background noise automatically. Focus on real threats.
#MicrosoftSentinel #AppAssure
-
Sentinel Saturday!
🏷️ Tag and Track Incidents with Custom Incident Labels
Keeping your SOC organised can be tough, especially when multiple analysts are tackling dozens of incidents at once or if you are managing an MSSP.
This week’s #SentinelSaturday covers how custom incident labels in Microsoft Sentinel can bring order to the chaos. From tracking investigation stages to grouping related threats, labels are a simple way to improve visibility, collaboration, and reporting.
👉 Check out the post, try adding meaningful labels to your own incidents, and see how it transforms your workflow. https://marshsecurity.org/sentinel-saturdays-tag-and-track-incidents-with-custom-incident-labels/
💬 How do you label and categorise incidents in your environment? Drop your ideas in the comments. Let’s share what works for our own environments!
🔁 If you find this helpful, give it a like or share it with your Sentinel team.
#MicrosoftSentinel #SentinelSaturdays #CyberSecurity #SOC #ThreatDetection #IncidentResponse #MicrosoftSecurity
-
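Added example for the custom incident labels post above; it is not from the blog and not the author's query. It reports the open incidents by the investigation-stage label an analyst applied and calls out the ones that carry no such label. The `stage:<name>` naming convention is an assumption; any other prefix works the same way.

```kql
// Added example (not from the blog post): open incidents grouped by the
// "stage:" label the team applied, with unlabelled incidents called out.
// The stage:<name> convention is an assumption; substitute your own prefix.
SecurityIncident
| where TimeGenerated > ago(30d)
// SecurityIncident is append-only (one row per change); keep the latest row per incident
| summarize arg_max(LastModifiedTime, *) by IncidentNumber
| where Status != "Closed"
// Labels is a dynamic array of {labelName, labelType}; pull out the first stage label
| extend Stage = extract(@'"labelName":"(stage:[^"]*)"', 1, tostring(Labels))
| extend Stage = iff(isempty(Stage), "(no stage label)", Stage)
| summarize OpenIncidents = count(),
            OldestCreated = min(CreatedTime),
            Sample        = make_set(IncidentNumber, 5)
          by Stage, Severity
| order by Stage asc, Severity asc
```

The "(no stage label)" bucket is the useful one: it is the queue nobody has claimed. Drop the two `summarize` lines at the end and `project IncidentNumber, Title, Stage, Owner` instead to get the per-incident list for an automation rule or workbook.
-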
🕵️‍♂️ KQL is both a science and an art.
If you’ve ever felt your Sentinel queries were running slow or costing more than they should, you’re not alone.
This week’s #SentinelSaturdays covers how to write leaner, faster, more efficient KQL queries with practical examples you can use today.
🔗 Read the full walkthrough here: https://marshsecurity.org/sentinel-skills-saturday-edition-one/
Share your comments 👇
What’s YOUR top KQL tip or favourite optimisation trick? Let’s build a thread of practical advice for the hunting community.
#MicrosoftSentinel #KQL #ThreatHunting #SecurityOperations
-
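Added example for the KQL post above, not taken from the blog: one hunt (PowerShell launched with an encoded command) written first the expensive way, then the lean way. It assumes the Defender XDR connector populates DeviceProcessEvents in the workspace; the one-day window and the threshold of three hits are arbitrary.

```kql
// Added example (not from the blog post): the same hunt, slow and lean.
// Target: PowerShell started with an encoded command in the last 24 hours.
// Assumes DeviceProcessEvents is populated by the Defender XDR connector.
//
// --- Slow version (commented out): unscoped search across every table,
//     time filter applied late, case-insensitive substring scan of a wide column.
// search "powershell"
// | where TimeGenerated > ago(1d)
// | where ProcessCommandLine contains "-enc"
// | project DeviceName, ProcessCommandLine
//
// --- Lean version: name the table, filter on time first, use term-based `has`,
//     narrow the columns early, and materialize anything reused more than once.
let lookback = 1d;
let suspicious = materialize(
    DeviceProcessEvents
    | where TimeGenerated > ago(lookback)                          // 1. time filter first: prunes storage partitions
    | where FileName in~ ("powershell.exe", "pwsh.exe")            // 2. cheap equality before any string scan
    | where ProcessCommandLine has_any ("-enc", "-encodedcommand") // 3. indexed term match instead of `contains`
    | project TimeGenerated, DeviceName, AccountName,               // 4. drop wide columns before the join
              InitiatingProcessFileName, ProcessCommandLine
);
// the materialized set is read twice below without re-scanning the table
let per_host = suspicious
    | summarize Hits = count(), FirstSeen = min(TimeGenerated) by DeviceName;
suspicious
| join kind=inner per_host on DeviceName
| where Hits >= 3                      // hosts with repeated encoded-command launches
| project TimeGenerated, DeviceName, AccountName, InitiatingProcessFileName, ProcessCommandLine, Hits, FirstSeen
| order by Hits desc, TimeGenerated desc
| take 200
```

`has` matches whole terms through the term index, so it is both faster and stricter than `contains`; if the hunt needs a substring inside a term, keep `has` on a coarse term first and add `contains` as a second filter on the already-reduced rows. Check the effect with the query statistics pane (scanned data and CPU time) rather than wall-clock time alone.
-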
Microsoft Unveils Sentinel Data Lake to Power AI Defenses and Cut Security Costs
#Cybersecurity #Microsoft #MicrosoftSentinel #AI #CloudSecurity #SIEM #DataLake
-
AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI – Source: socprime.com https://ciso2ciso.com/ai-validation-for-sentinel-queries-smarter-kql-with-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #KQLvalidation #socprimecom #UncoderAI #socprime #Blog
-
Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI – Source: socprime.com https://ciso2ciso.com/zip-archive-c2-domain-detection-in-microsoft-sentinel-via-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #Latestthreats #socprimecom #UncoderAI #socprime #Blog #KQL
-
IOC Query Generation for Microsoft Sentinel in Uncoder AI – Source: socprime.com https://ciso2ciso.com/ioc-query-generation-for-microsoft-sentinel-in-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #UncoderAI #socprime #Blog #KQL
-
Detecting Covert TOR Access in Microsoft Sentinel with Uncoder AI’s Decision Tree – Source: socprime.com https://ciso2ciso.com/detecting-covert-tor-access-in-microsoft-sentinel-with-uncoder-ais-decision-tree-source-socprime-com/ #AI-generatedDecisionTree #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #UncoderAI #socprime #Blog
-
Translate from Sigma into 48 Languages – Source: socprime.com https://ciso2ciso.com/translate-from-sigma-into-48-languages-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Splunk #Sigma #Blog #SIEM
-
From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC
-
From Threat Report to Detection Logic: Uncoder AI Automates Rule Generation – Source: socprime.com https://ciso2ciso.com/from-threat-report-to-detection-logic-uncoder-ai-automates-rule-generation-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Kusto #Blog
-
How Full Summary in Uncoder AI Supercharges Kusto Query Analysis for Threat Hunters – Source: socprime.com https://ciso2ciso.com/how-full-summary-in-uncoder-ai-supercharges-kusto-query-analysis-for-threat-hunters-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #SysmonEventID7 #FullSummary #socprimecom #clfs.sys #socprime #Kusto #Blog
-
🎁 NEW UPDATE:
I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.
More will be coming soon!
#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
👇
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis
-
Is anyone seeing delayed alerts in MS Sentinel? We just received multiple alerts for an account that may have been compromised two days ago. The alerts are dated 11/25 in Defender XDR and IdP, but are dated as 11/27 in Sentinel.
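Added example, not part of the question above: the query a practitioner would run to find out where a delay like the one described sits. An alert row carries three clocks: StartTime/EndTime (when the activity happened, set by the source product), TimeGenerated (when the alert record was produced for the workspace) and ingestion_time() (when Log Analytics actually wrote the row). The seven-day window is an assumption.

```kql
// Added example (not from the post): per-product alert latency over the last 7 days.
//   EndTime          - end of the alerted activity, set by the source product
//   TimeGenerated    - when the alert record was created for this workspace
//   ingestion_time() - when Log Analytics committed the row
SecurityAlert
| where TimeGenerated > ago(7d)
| extend IngestedAt = ingestion_time()
| extend ActivityToAlertMin = datetime_diff('minute', TimeGenerated, EndTime),   // source-side delay
         AlertToIngestMin   = datetime_diff('minute', IngestedAt, TimeGenerated) // Sentinel-side delay
| summarize Alerts = count(),
            P50_ActivityToAlertMin = percentile(ActivityToAlertMin, 50),
            P95_ActivityToAlertMin = percentile(ActivityToAlertMin, 95),
            Max_ActivityToAlertMin = max(ActivityToAlertMin),
            P95_AlertToIngestMin   = percentile(AlertToIngestMin, 95),
            Max_AlertToIngestMin   = max(AlertToIngestMin)
          by ProductName, ProviderName
| order by Max_ActivityToAlertMin desc
```

A large ActivityToAlertMin with a small AlertToIngestMin means the alert arrived late from the source; the reverse points at the connector or workspace. To list the individual offenders, replace the `summarize` with `| where ActivityToAlertMin > 1440 | project AlertName, StartTime, EndTime, TimeGenerated, IngestedAt, SystemAlertId`.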
-
On 31/08/2024 the Log Analytics Agent will no longer be supported, so by that date you will need to migrate to the Azure Monitoring Agent (AMA).
#Azure #MicrosoftSentinel #CyberSecurity #CloudComputing #LogCollection #ICTPower
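Added example, not from the post: the inventory check to run before that deadline, listing hosts that still report only through the legacy Log Analytics agent. The Heartbeat table's Category column names the agent family ("Direct Agent" for the legacy agent, "Azure Monitor Agent" for AMA); a host mid-migration reports under both, so the query keeps only hosts with no AMA heartbeat at all. The seven-day window is an assumption.

```kql
// Added example (not from the post): hosts still heartbeating only via the legacy agent (MMA).
Heartbeat
| where TimeGenerated > ago(7d)
| summarize LastHeartbeat = max(TimeGenerated),
            Agents        = make_set(Category),   // e.g. ["Direct Agent"] or ["Direct Agent","Azure Monitor Agent"]
            Versions      = make_set(Version)
          by Computer, OSType
| extend OnAMA = set_has_element(Agents, "Azure Monitor Agent"),
         OnMMA = set_has_element(Agents, "Direct Agent")
| where OnMMA and not(OnAMA)          // exclusively on the legacy agent
| project Computer, OSType, Versions, LastHeartbeat
| order by LastHeartbeat desc
```

Hosts whose LastHeartbeat is days old may already be decommissioned; confirm before spending migration effort on them.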
-
Only 5 days to go until both our Hacking Enterprises and Defending Enterprises training classes kick off at Black Hat USA.
There's still time to snag yourself a ticket for either the weekend or weekday delivery and we'd love to help level up your skills in either offensive or defensive techniques, or both!
Wreak havoc in our multi-domain enterprise environment and then hunt, detect, monitor and alert after, or vice versa!
#pentesting #redteam #hacking #training #cybersecurity #BHUSA #blueteam #kql #microsoftsentinel #threathunting
-
Are your Azure Storage Accounts locked down to a network? Are you still resisting Private Endpoints? Keep your data secure #AzureSecurity #ConfigurationMonitoring #MicrosoftSentinel
-
Less than a month to go until Black Hat USA 👀. I suppose the only thing to say is I look forward to seeing you on either our Hacking Enterprises or Defending Enterprises trainings, or maybe both!
...and if I don't, I suppose the only question to ask is, why haven't you bought your ticket yet? 😎 From phishing, C2, IPv6 and rampaging through multi-domain trusts, to deep threat hunting, monitoring and alerting in our Sentinel lab - I suppose the REAL question is, how many friends or colleagues are signing up with you?!
#pentesting #hacking #redteam #BHUSA #blueteam #threathunting #kql #microsoftsentinel
-
🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.
https://academy.bluraven.io/advanced-hands-on-kql-for-threat-hunting-and-detection-engineering
#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse
-
This article provides a guide on how to create and debug Microsoft Sentinel Analytic Rules, Automation Rules, and playbooks. It includes steps on creating a playbook, creating a sample Analytic rule for testing, creating an Automation rule, and debugging the playbook. https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/debugging-playbooks/ba-p/4165374 #MicrosoftSentinel #PlaybookCreation #Debugging #softcorpremium
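Added example serving two posts on this page, the "Sentinel Tasks with automation" post (auto-create a task when automation fails, verify automation outcomes) and the playbook-debugging article summarised above; it is not taken from either. It lists automation rule and playbook runs that did not succeed, from the SentinelHealth table, which is the signal a task-creating playbook would key on and the first place to look when debugging a run. It assumes the workspace's auditing and health monitoring (automation health) is switched on; the field names read out of ExtendedProperties follow Microsoft's documented schema for automation health events, but verify them against your own rows before building on them.

```kql
// Added example (not from either post): automation runs that did not succeed in the
// last 24 hours. Requires automation health monitoring to be enabled for the workspace.
// ExtendedProperties field names (IncidentArmId, TriggeredPlaybooks) are taken from the
// documented schema; confirm them in your workspace before wiring anything to this.
SentinelHealth
| where TimeGenerated > ago(1d)
| where SentinelResourceType in ("Automation rule", "Playbook")
| where Status != "Success"            // catches both "Failure" and "Partial success"
| extend IncidentArmId = tostring(ExtendedProperties.IncidentArmId)
| extend IncidentId    = tostring(split(IncidentArmId, "/")[-1]),      // last ARM path segment
         Playbooks     = tostring(ExtendedProperties.TriggeredPlaybooks)
| project TimeGenerated, SentinelResourceType, SentinelResourceName, Status,
          Reason, Description, IncidentId, Playbooks, RecordId
| order by TimeGenerated desc
```

For the task workflow, add `| summarize Failures = count(), LastFailure = max(TimeGenerated) by IncidentId, SentinelResourceName` and let the playbook create one task per incident rather than one per failed run. For debugging, Reason and Description carry the failure cause; the run history of the Logic App itself shows the failing action.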
-
Safeguard your Azure environment by leveraging Microsoft Sentinel's AI-driven analytics to detect and respond to security threats in real-time. #AzureSecurity #MicrosoftSentinel
-
Microsoft Intune – Collecting logs and analysing them with Microsoft Sentinel
#MicrosoftIntune #MicrosoftSentinel #SicurezzaInformatica #ICTPower #CyberSecurity #Logs #Analytics #Tech