Mastering Policies in Defender for Cloud Apps: A Deep Dive for the SOC Trenches
Alright, class. Take your seats. Today is a long lesson,
Microsoft Sentinel
Microsoft Sentinel
A SOC Analyst's Introduction to Defender for Cloud Apps
Alright, class. Take your seats.
Let's talk about
The KQL User Audit Playbook: Your Template for Investigations
Alright, class. Take your seats.
It’s 3 PM on
The KQL Playbook (Play #5): The Anomaly Play - Finding the 'Weird'
Alright, class. Take your seats.
In our last beginner session,
The KQL Playbook (Play #4): The Correlation Play - Joining Tables and Enriching Data
Alright, class. Take your seats.
In our last play, we
The KQL Playbook (Play #3): Mastering Strings, Timestamps, and Ugly JSON
Alright, class. Welcome back to the KQL Playbook.
In our
The KQL Playbook (Play #2): Mastering the Matching Game
Alright, class. Welcome back to the KQL playbook.
In our
The Self-Updating Watchlist: Automating Sentinel with Logic Apps & Graph API
Alright, class.
Let's talk about one of the
Herding Cats with Sentinel: An In-Depth Guide to Workspace Manager
Alright, class.
In a previous lesson, we discussed the "
Beyond the Basics: Forging Your Own Custom Detections in Defender XDR
Alright, class.
You've started to notice something. Sentinel