Detection Engineering and Why It's a Must Have
Why Your SIEM Won't Save You Without It
SOC Operations
Defender for Identity: What's The Point? (And Is It Actually Worth Your Time)
All right class.
You have Active Directory. You have domain
Microsoft Sentinel on a Shoestring: What You Can Actually Do with Business Premium
All right class
You have Entra ID P1 and Business
Data Connectors: The Order That Actually Matters
All right class
I've seen people enable data
KQL User Audit Playbook V2: The Insider Threat Investigation Guide
All right class.
This is a continuation of my previous
Teams Threat Protection: What Actually Changed and What You Can Actually Hunt
All right class
Your SOC has limited visibility into Teams.
Threat Analytics in Microsoft Defender: What It Actually Does and Why Your SOC Needs It
All right class.
You're doing your SOC investigations
Hunting in Microsoft Sentinel: What Hunting Actually Is and Why You Need It
Terminology matters here. Microsoft uses these words in specific ways,
Three Essential Sentinel Workbooks You Should Deploy Right Now
All right class.
Workbooks That Actually Solve Problems
Microsoft has
Sentinel Workbooks: Deploy and Customise Your First Dashboard
Welcome back class.
You're running Sentinel. Logs are