Cybersecurity Blog

Latest from Blog

What Do I Get When I Turn on Microsoft Defender for Cloud?

Determine the cybersecurity return on investment in Microsoft Defender for Cloud. Microsoft is very keen on selling their users security...

AIR Is Not Just Automation

Using Microsoft 365 Defender AIR for broader incident management. Microsoft 365 Defender’s Automated Investigation and Response (AIR) is a solution...

Kubernetes for Security Admins and Analysts

Implement Kubernetes security in Microsoft Sentinel using a mix of old and new methods. Microsoft Kubernetes Service (MKS) and Container...

Squeeze More Data Out of Your Analytic Rules

Enrich investigations with the new Alert Enrichment. The Microsoft Sentinel team has just recently come out with “Alert Enrichment” which...

Use JSON to Improve Microsoft Sentinel Operations

Be more efficient and unlock new tools with JSON. When working on security in Microsoft Sentinel it is important to...

How do I Format Microsoft Sentinel Comments?

Clean up comments with a text editor and HTML tags. Microsoft Sentinel allows analysts to add comments to incidents, but...

Querying an “Unqueryable” Table

Get creative to get past MCAS table restrictions. Microsoft Cloud App Security (MCAS) is Microsoft’s Cloud Access Security Broker (CASB)...

Become Proficient with KQL in 10 Minutes

Learn the 5 functions that make up 90% of KQL queries. Kusto Query Language (KQL) is the querying language that...

Why Do I Have So Many Secure Scores?

Make use of a score for each area of cloud security. Microsoft has multiple teams working on different aspects of...
