Microsoft Sentinel

PIM Auditing in Microsoft Sentinel: High Value Detections

All right class. PIM is a just-in-time access

Sentinel Incident Email Alerts: Free Logic App with ARM Template

All right class One of the most common questions I

The Nag Machine: A Logic App That Badgers Your Team About Unowned Sentinel Incidents

All right class Today is a quick one so you

Building Your First Threat Hunting Hypothesis (The MITRE Way)

All right class. Lots of SOC teams say they do

Diagnostic Settings Manager Workbook

All right class This one is free to grab. No

Azure Key Vault: The High-Value Queries Your SOC Isn't Running

All right class. Key Vault is where your secrets live.

Hunting PowerShell Abuse in MDE: Eight Queries, Real Results

All right class PowerShell is in every serious Windows intrusion.

Your Sentinel Detection Setup Is Probably Broken. Here's How to Know.

All right class Most environments running Sentinel today have the

Evaluating and Onboarding a Microsoft MSSP (Without the Chaos)

All right class If you read lesson one, you already

Choosing a Microsoft MSSP Without Getting Burned (SOC/SIEM)

All right class. Too many companies hand their entire security