#microsoftsentinel — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #microsoftsentinel, aggregated by home.social.
-
New blog post live for my Sentinel Saturday series!
Read the blog 👉 https://marshsecurity.org/sentinel-saturday-using-tasks-with-automation/
In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.
Most teams aren’t getting the full #value out of Tasks in Microsoft Sentinel. Are you? When you combine Sentinel Tasks with automation, they become a game-changer.
- Auto-create tasks when automation fails (so nothing slips through the cracks)
- Auto-complete tasks when automation succeeds
- Use tasks to verify automation outcomes
- Build engineering feedback loops and automation #QA
Read the blog 👉 https://marshsecurity.org/sentinel-saturday-using-tasks-with-automation/
#MicrosoftSentinel #SentinelAutomation #CyberSecurity #SOCAutomation
#CloudSecurity #AzureSecurity #SIEM #SecOps #Automation #InfoSec
#CyberSecurityCommunity #BlueTeam #ThreatDetection #SecurityEngineering #SecurityOperations -
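The four practices listed in the post, modelled end to end, as an added example that is not code from the linked post or from Microsoft: an automation rule seeds one open verification task per playbook it triggers, each playbook run then either completes its task (success) or leaves it open and adds a follow-up task carrying the error (failure), and the run records feed a per-playbook failure rate for the engineering QA loop. The workspace path, the incident-task URL, the api-version and the PUT payload shape are assumptions labelled in the code; nothing is sent, the request is only built so it can be inspected. The playbook run records are constructed sample data.

```python
from __future__ import annotations

import json
import uuid
from collections import Counter
from dataclasses import dataclass, field

# Assumed identifiers for illustration; replace with your own workspace path.
WORKSPACE_PATH = (
    "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-soc"
    "/providers/Microsoft.OperationalInsights/workspaces/law-sentinel"
)
# Assumption: incident tasks sit under the incident in the Microsoft.SecurityInsights
# provider; check the api-version against the current Sentinel REST reference.
API_VERSION = "2024-03-01"


@dataclass
class Task:
    incident_id: str
    title: str
    description: str
    status: str = "New"  # Sentinel task status: "New" or "Completed"
    task_id: str = field(default_factory=lambda: str(uuid.uuid4()))


def seed_verification_tasks(incident_id: str, expected_playbooks: list[str]) -> list[Task]:
    """Step 1 (automation rule on incident creation): one open verification task per
    playbook the rule triggers, so a playbook that silently fails leaves visible work."""
    return [
        Task(incident_id, f"Verify: {pb} completed",
             f"Confirm the '{pb}' playbook ran and its remediation took effect.")
        for pb in expected_playbooks
    ]


def reconcile(tasks: list[Task], runs: list[dict]) -> list[Task]:
    """Step 2 (playbook completion hook): complete the verification task on success,
    or add a follow-up task carrying the error on failure. Returns the tasks created."""
    by_key = {(t.incident_id, t.title): t for t in tasks}
    created: list[Task] = []
    for run in runs:
        task = by_key.get((run["incident_id"], f"Verify: {run['playbook']} completed"))
        if run["status"] == "Succeeded":
            if task is not None:
                task.status = "Completed"
        else:
            # Leave the verification task open and record why a human is needed.
            created.append(Task(
                run["incident_id"],
                f"Remediate manually: {run['playbook']} failed",
                f"Run {run['run_id']} failed with: {run.get('error', 'unknown error')}",
            ))
    tasks.extend(created)
    return created


def failure_rate_by_playbook(runs: list[dict]) -> dict[str, float]:
    """Step 3 (engineering QA loop): share of failed runs per playbook."""
    total, failed = Counter(), Counter()
    for run in runs:
        total[run["playbook"]] += 1
        if run["status"] != "Succeeded":
            failed[run["playbook"]] += 1
    return {pb: round(failed[pb] / total[pb], 2) for pb in total}


def build_put_request(task: Task) -> tuple[str, str]:
    """URL and JSON body for an incident-task PUT (assumed shape; not sent here)."""
    url = (
        f"https://management.azure.com{WORKSPACE_PATH}"
        f"/providers/Microsoft.SecurityInsights/incidents/{task.incident_id}"
        f"/tasks/{task.task_id}?api-version={API_VERSION}"
    )
    body = {"properties": {"title": task.title, "description": task.description,
                           "status": task.status}}
    return url, json.dumps(body)


# Constructed sample data: one incident, two playbooks, one of which failed.
SAMPLE_INCIDENT = "7d1f2c3e-0000-4000-8000-000000000001"
SAMPLE_RUNS = [
    {"incident_id": SAMPLE_INCIDENT, "playbook": "Isolate-Device", "run_id": "r-001",
     "status": "Succeeded"},
    {"incident_id": SAMPLE_INCIDENT, "playbook": "Disable-User", "run_id": "r-002",
     "status": "Failed", "error": "403 Forbidden from Graph: missing User.ReadWrite.All"},
]


def demo() -> list[Task]:
    tasks = seed_verification_tasks(SAMPLE_INCIDENT, ["Isolate-Device", "Disable-User"])
    reconcile(tasks, SAMPLE_RUNS)
    return tasks


if __name__ == "__main__":
    for t in demo():
        url, body = build_put_request(t)
        print(f"{t.status:9} | {t.title} | {body}")
    print(failure_rate_by_playbook(SAMPLE_RUNS))
```

Run it and the Isolate-Device verification task comes back Completed, the Disable-User one stays New, and a third task carrying the Graph permission error appears; the failure-rate dictionary is what you would plot week over week to see which playbooks need engineering attention.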
🕵️‍♂️ KQL is both a science and an art.
If you’ve ever felt your Sentinel queries were running slow or costing more than they should, you’re not alone.
This week’s #SentinelSaturdays covers how to write leaner, faster, more efficient KQL queries with practical examples you can use today.
🔗 Read the full walkthrough here: https://marshsecurity.org/sentinel-skills-saturday-edition-one/
Share your comments 👇
What’s YOUR top KQL tip or favourite optimisation trick? Let’s build a thread of practical advice for the hunting community.
#MicrosoftSentinel #KQL #ThreatHunting #SecurityOperations -
AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI – Source: socprime.com https://ciso2ciso.com/ai-validation-for-sentinel-queries-smarter-kql-with-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #KQLvalidation #socprimecom #UncoderAI #socprime #Blog
-
Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI – Source: socprime.com https://ciso2ciso.com/zip-archive-c2-domain-detection-in-microsoft-sentinel-via-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #Latestthreats #socprimecom #UncoderAI #socprime #Blog #KQL
-
IOC Query Generation for Microsoft Sentinel in Uncoder AI – Source: socprime.com https://ciso2ciso.com/ioc-query-generation-for-microsoft-sentinel-in-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #UncoderAI #socprime #Blog #KQL
-
From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC
-
🎁 NEW UPDATE:
I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.
More will be coming soon!
#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
👇
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis -
Microsoft Intune – Collecting the logs and analysing them with Microsoft Sentinel
#MicrosoftIntune #MicrosoftSentinel #SicurezzaInformatica #ICTPower #CyberSecurity #Logs #Analytics #Tech
-
Copilot for Security: elements of an effective prompt
From the "Get started with Microsoft Copilot for Security" online training, I highlight this interesting in-depth analysis.
Effective prompts give Copilot adequate and useful parameters to generate a valuable response. Security analysts or researchers should include the following elements when writing a prompt.
💡 Goal - specific, security-related information that you need
💡 Context - why you need this information or how you'll use it
💡 Expectations - format or target audience you want the response tailored to
💡 Source - known information, data sources, or plugins Copilot should use
Other prompting tips at this link:
Full training: https://learn.microsoft.com/en-us/training/paths/security-copilot-and-ai/
#copilot #copilotforsecurity #securitycopilot #microsoft #microosoftsecurity #llm #openai #azureopenai #llmapps #soc #generativeai #genai #cybersecurity #azure #cloudsecurity #cloudnative #defender #sentinel #microsoftsentinel #xdr #defenderxdr #prompt #promptengineering
-
New use cases for Microsoft Security Copilot
📣 The new use cases for Security Copilot now extend beyond investigations in your security operations center to support various security necessities for organizations seeking to strengthen their security against cyberthreats.
➡ Device management
➡ Identity management
➡ Data security
➡ Cloud security
➡ External attack surface management
📣Security Copilot is expanding into embedded experiences across various Microsoft Security solutions!
#copilot #security #securitycopilot #llm #ai #genai #openai #microsoft #microsoftsecurity #cybersecurity #intune #purview #entraid #soc #xdr #siem #soar #cloud #cloudnative #cloudsecurity #sentinel #microsoftsentinel #cnapp #defenderforcloud #defender #easm #threatintelligence
-
Today, we are thrilled to announce the next major step in this industry-defining vision: combining the power of leading solutions in security information and event management (SIEM), extended detection and response (XDR), and generative AI for security into the first Unified Security Operations Platform.
#microsoft #microsoftdefender #microsoftdefenderxdr #xdr #siem #soar #sentinel #microsoftsentinel #ai #aisecurity #cybersecurity #soc #genai #generativeai #gpt #azure #microsoftecurity #soc #analyst #copilot #securitycopilot #ignite #microsoftignite #kql
-
Did you know there's documentation available that includes details on the data collected by Azure Monitor from various sources?
Take a look at the Security data—it can be invaluable if you're working with Microsoft Sentinel! 🔒
https://learn.microsoft.com/en-us/azure/azure-monitor/reference/tables/tables-category#security
#AzureMonitor #MicrosoftSentinel #CyberSecurity #sentinel #siem #soar #log #loganalytics #schema #asim #soc #analyst #cloud #cloudsecurity #microsoft #azure #cybersecurity
-
It's my favorite time of the week again. Finalizing the Azure OpenAI (https://rodtrent.com/jtl) Defender (https://rodtrent.com/p88) and Sentinel (https://rodtrent.com/t8c) newsletters for Friday morning delivery. Lots of great community driven content this week.
#MicrosoftDefender #MicrosoftSentinel #M365D #MicrosoftPriva #MicrosoftEntra #Cybersecurity #MicrosoftPurview #MicrosoftSecurity #Security #Azure #AzureOpenAI #AI #OpenAI #Copilot
-
From zero to hero security coverage with Microsoft Sentinel for your critical SAP security signals.
"How the SOAR capabilities of Sentinel can be utilized in conjunction with SAP by leveraging Microsoft Sentinel Playbooks/Azure Logic Apps to automate remedial actions in SAP systems or SAP Business Technology Platform (BTP)"
#microsoft #azure #business #security #technology #sap #soar #sentinel #microsoftsentinel #siem #cloudnative #cloudsecurity #BusinessTechnologyPlatform #btp #erp #soc #detection #securityanalyst #playbook
-
It's my favorite time of the week again. Finalizing the Defender (https://rodtrent.com/p88), Sentinel (https://rodtrent.com/t8c), and now Azure Open AI (https://rodtrent.com/jtl) newsletters for Friday morning delivery. Lots of great community driven content this week.
#MicrosoftDefender #MicrosoftSentinel #M365D #MicrosoftPriva #MicrosoftEntra #Cybersecurity #MicrosoftPurview #MicrosoftSecurity #Security #Azure #AzureOpenAI #AI
-
ClientInspector – a cool showcase to demonstrate the Log Ingestion API, the Azure Log Ingestion Pipeline, Azure Data Collection Rules and my new PowerShell module AzLogDcrIngestPS https://rodtrent.com/ebt
#MicrosoftSentinel #Azure #AzureMonitor #Cybersecurity #MicrosoftSecurity #Security
-
Do you want to quickly set up a full-fledged Microsoft Sentinel environment that is ready for customers to use, speeding up deployment and initial configuration tasks in a few clicks?
Try Microsoft Sentinel All-in-One v2: https://github.com/Azure/Azure-Sentinel/tree/master/Tools/Sentinel-All-In-One
#microsoft #sentinel #microsoftsentinel #loganalytics #ueba #soc #siem #soar #azure #cloud #cloudsecurity #analytics #microsoftsecurity #microsoft365 #microsoftdefender #xdr #monitoring
-
New article: Getting max value with Azure web site observability using Azure Monitor https://blog.johnjoyner.net/using-azure-monitor-to-alert-on-azure-web-app-restarts/ #mvpbuzz #cloudcomputing #azure #governance #defenderforcloud #microsoftsentinel #azuremonitor #appinsights #webapps
-
Azure Monitor: Manage Data Access for Your Log Analytics Workspace https://rodtrent.com/gau