Cybersecurity Blog

Latest from Blog


Investigate Cloud Activity in Microsoft Defender for Cloud

Use cloud EDR to investigate cloud resources. Microsoft Defender for Cloud is a cloud EDR tool built into Microsoft Security...

Microsoft Sentinel Workbooks that All SOCs Should Have.

Get more value out of your data for free with Workbooks. Microsoft Sentinel Workbooks allow security analysts and admins to...

Why Do I Have Four Defender O365 Investigation Menus?

Know the differences to optimize investigations. Microsoft recently began reorganizing their Microsoft Defender 365 security platform to make it easier...

Microsoft Sentinel Security Testing Ground Rules

Keeping test incidents from being actual incidents. Cybersecurity testing is important for ensuring that the security controls that your organization...

Why Isn’t My Microsoft Sentinel CI/CD Pipeline Working?

Using DevOps to automate management of Microsoft Sentinel features. The “Deploying and Managing Microsoft Sentinel as Code” Tech Community article...

Essential Azure Sentinel Automations

Boost productivity by automating routine tasks. One of the ways that Azure Sentinel is attempting to differentiate itself from the...

Why Aren’t My Microsoft Sentinel Playbooks Working?

Solutions to some common Playbook pitfalls. Some of the error messages that appear in Playbooks are either very cryptic or...

Advanced Threat Hunting in Microsoft Sentinel.

When Existing Data isn’t Enough, Look for Metadata. Microsoft Sentinel has a constantly expanding list of advanced hunting queries...

Investigating with Microsoft Defender for Endpoints (MDE)

Use a focused methodology to resolve multi-stage incidents quickly and effectively. Microsoft Defender for Endpoints (MDE) uses AI and analytics...
