Cybersecurity Blog
Latest from Blog
What Do I Get When I Turn on Microsoft Defender for Cloud?
Determine the cybersecurity return on investment in Microsoft Defender for Cloud. Microsoft is very keen on selling their users security...
AIR Is Not Just Automation
Using Microsoft 365 Defender AIR for broader incident management. Microsoft 365 Defender’s Automated Investigation and Response (AIR) is a solution...
Kubernetes for Security Admins and Analysts
Implement Kubernetes security in Microsoft Sentinel using a mix of old and new methods. Microsoft Kubernetes Service (MKS) and Container...
Squeeze More Data Out of Your Analytic Rules
Enrich investigations with the new Alert Enrichment. The Microsoft Sentinel team has recently released “Alert Enrichment”, which...
Use JSON to Improve Microsoft Sentinel Operations
Be more efficient and unlock new tools with JSON. When working on security in Microsoft Sentinel, it is important to...
How do I Format Microsoft Sentinel Comments?
Clean up comments with a text editor and HTML tags. Microsoft Sentinel allows analysts to add comments to incidents, but...
Querying an “Unqueryable” Table
Get creative to get past MCAS table restrictions. Microsoft Cloud App Security (MCAS) is Microsoft’s Cloud Access Security Broker (CASB)...