SOC

Building a Brute Force Detection Query: How To Think Through Network Logon Failures

All right class, take your seats. This post is about

Attack Simulation Training in Microsoft Defender for Office 365

Alright, class. Built into your Microsoft 365 E5 or Defender

Continuous Export to Log Analytics: Getting Defender for Cloud Data Where You Need It

Alright, class. You've got Defender for Cloud on.

Why You Actually Need Microsoft Defender for Cloud (And What It Actually Does)

Alright, class. Take your seats. Your infrastructure is in the

A SOC Analyst's Introduction to Defender for Cloud Apps

Alright, class. Take your seats. Let's talk about

The KQL User Audit Playbook: Your Template for Investigations

Alright, class. Take your seats. It’s 3 PM on

The KQL Playbook (Play #5): The Anomaly Play - Finding the 'Weird'

Alright, class. Take your seats. In our last beginner session,

The KQL Playbook (Play #4): The Correlation Play - Joining Tables and Enriching Data

Alright, class. Take your seats. In our last play, we

The KQL Playbook (Play #3): Mastering Strings, Timestamps, and Ugly JSON

Alright, class. Welcome back to the KQL Playbook. In our

The KQL Playbook (Play #2): Mastering the Matching Game

Alright, class. Welcome back to the KQL playbook. In our