Hunting PowerShell Abuse in MDE: Eight Queries, Real Results
All right class
PowerShell is in every serious Windows intrusion.
Microsoft Sentinel
Microsoft Sentinel
Your Sentinel Detection Setup Is Probably Broken. Here's How to Know.
All right class
Most environments running Sentinel today have the
Evaluating and Onboarding a Microsoft MSSP (Without the Chaos)
All right class
If you read lesson one, you already
Choosing a Microsoft MSSP Without Getting Burned (SOC/SIEM)
All right class.
Too many companies hand their entire security
Conditional Access Health Check: What Your Policies Actually Do
All right class.
This is highly technical post referencing KQL
Detection Engineering and Why It's a Must Have Part 2
All right class
This is a continuation of part 1
Detection Engineering and Why It's a Must Have
Why Your SIEM Won't Save You Without It
One‑Click Threat Intel: Add IOCs from Sentinel Incidents with a Logic App
All right class.
You’re in an incident. You pivot
Sentinel Cost Spike: How To Actually Find The Culprit Table
All right class.
Your CFO walks over and asks why
Defender for Identity: What's The Point? (And Is It Actually Worth Your Time)
All right class.
You have Active Directory. You have domain