Security Operations

UEBA in Microsoft Sentinel: Stop Wasting Time on Behavioral Analytics

Welcome back, class. You've probably heard the pitch:

Connecting Your Environment to Defender for Cloud: Azure, AWS, GCP, and On-Premises

Alright, class. You've decided to actually use Defender

Why You Actually Need Microsoft Defender for Cloud (And What It Actually Does)

Alright, class. Take your seats. Your infrastructure is in the

App Governance in Defender for Cloud Apps: Your OAuth App Security Command Centre

Alright, class. Take your seats. We've covered Shadow

Mastering Policies in Defender for Cloud Apps: A Deep Dive for the SOC Trenches

Alright, class. Take your seats. Today is a long lesson,

A SOC Analyst's Introduction to Defender for Cloud Apps

Alright, class. Take your seats. Let's talk about

The KQL User Audit Playbook: Your Template for Investigations

Alright, class. Take your seats. It’s 3 PM on

The KQL Playbook (Play #5): The Anomaly Play - Finding the 'Weird'

Alright, class. Take your seats. In our last beginner session,

The KQL Playbook (Play #2): Mastering the Matching Game

Alright, class. Welcome back to the KQL playbook. In our

MSSP SOC Analyst Interviews (Microsoft Stack): The questions you’ll actually get - and the answers I’d actually give

Alright class, let's do this. Grab your coffee,