The KQL Playbook (Play #4): The Correlation Play - Joining Tables and Enriching Data Alright, class. Take your seats. In our last play, we
The KQL Playbook (Play #3): Mastering Strings, Timestamps, and Ugly JSON Alright, class. Welcome back to the KQL Playbook. In our
The KQL Playbook (Play #2): Mastering the Matching Game Alright, class. Welcome back to the KQL playbook. In our
Hunting Ransomware in Storage Accounts (When You Can't Afford Defender) Alright, class. Let's talk about the crown jewels
Sentinel's Built-in Consultant: An In-Depth Guide to SOC Optimization Alright, class. You've built your security operations center
Sentinel's Endgame Gear: Sentinel Data Lake Alright, class. You’ve tamed your monthly Azure bill. You
Microsoft Sentinel Rule Tuning: Kick the Noise, Keep the Signal Alright, class. Welcome back. You've come a long
Microsoft Sentinel's Secret Weapon: Your First Watchlist Alright, class. You've got your Sentinel instance running.
The KQL Playbook (Play #1): A Beginner's Guide to Talking to Your Data Alright, class. You've done it. You've