Practical Sentinel: Adding Networking Data to Microsoft Sentinel
Are you looking to ingest your data into Sentinel? In this episode of Practical Sentinel, we review use cases and tips for ingesting networking data into Sentinel.
In this episode of Practical Sentinel, Thijs Lecomte discusses how to create some basic KQL queries to track MFA usage.
In this blog, we take a look at the Unified Security Operations Platform, review what is available right now, discuss what Microsoft is building, and ask whether you need this functionality.
Welcome to Practical Sentinel! In the introductory blog of this series, we review how Microsoft positions Sentinel, what capabilities the product includes, and what it does well.
In this blog, Thijs Lecomte reviews Exclusions for Microsoft Security Solutions, why they are important, and how to manage them.
This blog reviews the Midnight Blizzard Attack, providing some hypothetical scenarios of what actually happened and how it could've been prevented.
With the end of the year in sight, we wanted to look back and see how Microsoft performed with security products in 2023, reviewing some of Microsoft’s biggest announcements and discussing if Microsoft's focus is leaning in the right direction.
In this blog, Thijs Lecomte reviews the new Web Sign-in feature for Windows 11 and its specific use cases.
Most think that the safe senders list does not override the anti-spam policies configured in Exchange Online, but the opposite is true. In this blog, we discuss how this happens and how to fix it with PowerShell.
In this article, Thijs Lecomte discusses how to identify malicious emails using Microsoft Defender for Office 365.
The announcement of Microsoft's Security Service Edge (SSE) Products has gained a lot of buzz in the space. In this blog, Thijs Lecomte breaks down these products and how well the market accepts Microsoft’s SSE initiative.
Over the past few years, Microsoft has proven to have a worthy security product in Microsoft Defender for Endpoint (MDE) for Windows devices. While most talk about Windows when discussing Microsoft Defender, it also supports macOS, Linux, Android, and iOS. The question arises whether MDE is a mature product for these platforms and if you can trust Microsoft to protect devices running these operating systems.