home.social

#microsoftsentinel — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #microsoftsentinel, aggregated by home.social.

  1. 🚨 Turn threat intelligence into action in @microsoft Sentinel

    With the CrowdSec Sentinel Playbook, enrich your alerts using CrowdSec’s CTI and automatically detect malicious IPs involved in auth or security events.

    Learn more 👉 doc.crowdsec.net/u/cti_api/api

    #MicrosoftSentinel #SecurityAutomation #CTI #cybersecurity

  5. New blog post live for my Sentinel Saturday series! :1000: :apartyblobcat:
    Read the blog 👉 marshsecurity.org/sentinel-sat

    In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.

    Most teams aren’t getting the full #value out of Tasks in Microsoft Sentinel. Are you? When you combine Sentinel Tasks with automation, they become a game-changer.

    - Auto-create tasks when automation fails (so nothing slips through the cracks)
    - Auto-complete tasks when automation succeeds
    - Use tasks to verify automation outcomes
    - Build engineering feedback loops and automation #QA

    Read the blog 👉 marshsecurity.org/sentinel-sat

    #MicrosoftSentinel #SentinelAutomation #CyberSecurity #SOCAutomation
    #CloudSecurity #AzureSecurity #SIEM #SecOps #Automation #InfoSec
    #CyberSecurityCommunity #BlueTeam #ThreatDetection #SecurityEngineering #SecurityOperations

  10. Sentinel Saturday!

    🏷️ Tag and Track Incidents with Custom Incident Labels

    Keeping your SOC organised can be tough, especially when multiple analysts are tackling dozens of incidents at once or if you are managing an MSSP.

    This week’s #SentinelSaturday covers how custom incident labels in Microsoft Sentinel can bring order to the chaos. From tracking investigation stages to grouping related threats, labels are a simple way to improve visibility, collaboration, and reporting.

    👉 Check out the post, try adding meaningful labels to your own incidents, and see how it transforms your workflow. marshsecurity.org/sentinel-sat

    💬 How do you label and categorise incidents in your environment? Drop your ideas in the comments. Let’s share what works for our own environments!

    🔁 If you find this helpful, give it a like or share it with your Sentinel team.
    #MicrosoftSentinel #SentinelSaturdays #CyberSecurity #SOC #ThreatDetection #IncidentResponse #MicrosoftSecurity

  11. 🕵️‍♂️ KQL is both a science and an art.

    If you’ve ever felt your Sentinel queries were running slow or costing more than they should, you’re not alone.
    This week’s #SentinelSaturdays covers how to write leaner, faster, more efficient KQL queries with practical examples you can use today.

    🔗 Read the full walkthrough here: marshsecurity.org/sentinel-ski

    Share your comments 👇
    What’s YOUR top KQL tip or favourite optimisation trick?

    Let’s build a thread of practical advice for the hunting community.
    #MicrosoftSentinel #KQL #ThreatHunting #SecurityOperations

  15. 🎁 NEW UPDATE:

    I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.

    More will be coming soon!

    #KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
    👇
    academy.bluraven.io/course/int

  16. Is anyone seeing delayed alerts in MS Sentinel? We just received multiple alerts for an account that may have been compromised two days ago. The alerts are dated 11/25 in Defender XDR and IdP, but are dated as 11/27 in Sentinel.

    #MicrosoftSentinel #threatintelligence

  17. Only 5 days to go until both our Hacking Enterprises and Defending Enterprises training classes kick off at Black Hat USA.

    There's still time to snag yourself a ticket for either the weekend or weekday delivery and we'd love to help level up your skills in either offensive or defensive techniques, or both!

    Wreak havoc in our multi-domain enterprise environment and then hunt, detect, monitor and alert after, or vice versa!

    in.security/events/

    #pentesting #redteam #hacking #training #cybersecurity #BHUSA #blueteam #kql #microsoftsentinel #threathunting

  18. Are your Azure Storage Accounts locked down to a network? Are you still resisting Private Endpoints? Keep your data secure

  19. Less than a month to go until Black Hat USA 👀. I suppose the only thing to say is I look forward to seeing you on either our Hacking Enterprises or Defending Enterprises trainings, or maybe both!

    ...and if I don't, I suppose the only question to ask is, why haven't you bought your ticket yet? 😎 From phishing, C2, IPv6 and rampaging through multi-domain trusts, to deep threat hunting, monitoring and alerting in our Sentinel lab - I suppose the REAL question is, how many friends or colleagues are signing up with you?!

    in.security/events/

    #pentesting #hacking #redteam #BHUSA #blueteam #threathunting #kql #microsoftsentinel

  20. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  25. This article provides a guide on how to create and debug Microsoft Sentinel Analytic Rules, Automation Rules, and playbooks. It includes steps on creating a playbook, creating a sample Analytic rule for testing, creating an Automation rule, and debugging the playbook. techcommunity.microsoft.com/t5 #MicrosoftSentinel #PlaybookCreation #Debugging #softcorpremium

  29. Safeguard your Azure environment by leveraging Microsoft Sentinel's AI-driven analytics to detect and respond to security threats in real-time.