Data Connectors: The Order That Actually Matters
All right class
I've seen people enable data
Bartosz Wysocki
Sentinel Deployment Checklist: What You Actually Need Before Day One
All right class.
This is the pre-deployment checklist for people
User Audit Investigation Workbook: Deploy in Minutes, Investigate in Seconds
All right class.
This is the workbook I wish people
KQL User Audit Playbook V2: The Insider Threat Investigation Guide
All right class.
This is a continuation of my previous
Teams Threat Protection: What Actually Changed and What You Can Actually Hunt
All right class
Your SOC has limited visibility into Teams.
Threat Analytics in Microsoft Defender: What It Actually Does and Why Your SOC Needs It
All right class.
You're doing your SOC investigations
Hunting in Microsoft Sentinel: What Hunting Actually Is and Why You Need It
Terminology matters here. Microsoft uses these words in specific ways,
Three Essential Sentinel Workbooks You Should Deploy Right Now
All right class.
Workbooks That Actually Solve Problems
Microsoft has
Sentinel Workbooks: Deploy and Customise Your First Dashboard
Welcome back class.
You're running Sentinel. Logs are
Beauty of Data Visualization in Microsoft Sentinel Using KQL
Welcome back, class.
Tables are useless at scale. You know