Cybersecurity Blog

Latest from Blog

Investigate Cloud Activity in Microsoft Defender for Cloud

Use cloud EDR to investigate cloud resources. Microsoft Defender for Cloud is a cloud EDR tool built into Microsoft Security...

Microsoft Sentinel Workbooks that All SOCs Should Have.

Get more value out of your data for free with Workbooks. Microsoft Sentinel Workbooks allow security analysts and admins to...

Why Do I Have Four Defender O365 Investigation Menus?

Know the differences to optimize investigations. Microsoft recently began reorganizing their Microsoft Defender 365 security platform to make it easier...

Microsoft Sentinel Security Testing Ground Rules

Keeping test incidents from being actual incidents. Cybersecurity testing is important for ensuring that the security controls that your organization...

Why Isn’t My Microsoft Sentinel CI/CD Pipeline Working?

Using DevOps to automate management of Microsoft Sentinel features. The “Deploying and Managing Microsoft Sentinel as Code” Tech Community article...

Essential Azure Sentinel Automations

Boost productivity by automating routine tasks. One of the ways that Azure Sentinel is attempting to differentiate itself from the...

Why Aren’t My Microsoft Sentinel Playbooks Working?

Solutions to some common Playbook pitfalls. Some of the error messages that appear in Playbooks are either very cryptic or...

Advanced Threat Hunting in Microsoft Sentinel.

When Existing Data isn’t Enough, Look for Metadata. Microsoft Sentinel has a constantly expanding list of advanced hunting queries...

Investigating with Microsoft Defender for Endpoints (MDE)

Use a focused methodology to resolve multi-stage incidents quickly and effectively. Microsoft Defender for Endpoints (MDE) uses AI and analytics...
