Bartosz Wysocki

Fixing Microsoft's Azure Brute Force Detection: Why Their Template Fires Constantly (And What You Should Change)

All right class. Microsoft ships an out-of-the-box analytic rule for

Building a Brute Force Detection Query: How To Think Through Network Logon Failures

All right class, take your seats. This post is about

Attack Simulation Training in Microsoft Defender for Office 365

Alright, class. Built into your Microsoft 365 E5 or Defender

Continuous Export to Log Analytics: Getting Defender for Cloud Data Where You Need It

Alright, class. You've got Defender for Cloud on.

Connecting Your Environment to Defender for Cloud: Azure, AWS, GCP, and On-Premises

Alright, class. You've decided to actually use Defender

Why You Actually Need Microsoft Defender for Cloud (And What It Actually Does)

Alright, class. Take your seats. Your infrastructure is in the

Post-Deployment Sentinel and Defender XDR: You're Not Done Yet

Alright, class. So you've deployed Sentinel. You'

App Governance in Defender for Cloud Apps: Your OAuth App Security Command Centre

Alright, class. Take your seats. We've covered Shadow

Mastering Policies in Defender for Cloud Apps: A Deep Dive for the SOC Trenches

Alright, class. Take your seats. Today is a long lesson,

A SOC Analyst's Introduction to Defender for Cloud Apps

Alright, class. Take your seats. Let's talk about