Microsoft Sentinel

Is Defender for Office 365 worth it?

All right class. Your email is already protected by Exchange

UEBA in Microsoft Sentinel: Stop Wasting Time on Behavioral Analytics

Welcome back, class. You've probably heard the pitch:

Fixing Microsoft's Azure Brute Force Detection: Why Their Template Fires Constantly (And What You Should Change)

All right class. Microsoft ships an out-of-the-box analytic rule for

Building a Brute Force Detection Query: How To Think Through Network Logon Failures

All right class, take your seats. This post is about

Continuous Export to Log Analytics: Getting Defender for Cloud Data Where You Need It

Alright, class. You've got Defender for Cloud on.

Post-Deployment Sentinel and Defender XDR: You're Not Done Yet

Alright, class. So you've deployed Sentinel. You'

App Governance in Defender for Cloud Apps: Your OAuth App Security Command Centre

Alright, class. Take your seats. We've covered Shadow

Mastering Policies in Defender for Cloud Apps: A Deep Dive for the SOC Trenches

Alright, class. Take your seats. Today is a long lesson,

A SOC Analyst's Introduction to Defender for Cloud Apps

Alright, class. Take your seats. Let's talk about

The KQL User Audit Playbook: Your Template for Investigations

Alright, class. Take your seats. It’s 3 PM on