Cybersecurity Blog

Latest from Blog


What Do I Get When I Turn on Microsoft Defender for Cloud?

Determine the cybersecurity return on investment in Microsoft Defender for Cloud. Microsoft is very keen on selling their users security...

AIR Is Not Just Automation

Using Microsoft 365 Defender AIR for broader incident management. Microsoft 365 Defender’s Automated Investigation and Response (AIR) is a solution...

Kubernetes for Security Admins and Analysts

Implement Kubernetes security in Microsoft Sentinel using a mix of old and new methods. Microsoft Kubernetes Service (MKS) and Container...

Squeeze More Data Out of Your Analytic Rules

Enrich investigations with the new Alert Enrichment. The Microsoft Sentinel team has just recently come out with “Alert Enrichment” which...

Use JSON to Improve Microsoft Sentinel Operations

Be more efficient and unlock new tools with JSON. When working on security in Microsoft Sentinel it is important to...

How do I Format Microsoft Sentinel Comments?

Clean up comments with a text editor and HTML tags. Microsoft Sentinel allows analysts to add comments to incidents, but...

Querying an “Unqueryable” Table

Get creative to get past MCAS table restrictions. Microsoft Cloud App Security (MCAS) is Microsoft’s Cloud Access Security Broker (CASB)...

Become Proficient with KQL in 10 Minutes

Learn the 5 functions that make up 90% of KQL queries. Kusto Query Language (KQL) is the querying language that...

Why Do I Have So Many Secure Scores?

Make use of a score for each area of cloud security. Microsoft has multiple teams working on different aspects of...
