Dipping your toes in Microsoft Sentinel Automation
Join us as we dip our toes into Microsoft Sentinel Automation, explaining common automation use cases and how to utilize Playbooks.
February 7, 2023
Latest Articles
How to Add Active Directory Logs to Microsoft Sentinel
This article deep dives into two different methods of adding and ingesting Active Directory Logs to Microsoft Sentinel.
January 4, 2023
Prioritizing data connectors in Microsoft Sentinel
In this article, Thijs Lecomte outlines how to prioritize data connectors in Microsoft Sentinel while keeping costs down.
November 28, 2022
Use Microsoft 365 Defender and Sentinel to Defend Against New Zero-Day Threats: Part II
This article continues the discussion of the main steps needed to mitigate a zero-day threat Using Microsoft 365 Defender and Sentinel.
November 17, 2022
Detecting and Protecting Azure AD from Password Spray Attacks
In this article, Thijs Lecomte walks through various protection and detection mechanisms available to repel password spray attacks.
November 10, 2022
How to Use Microsoft 365 Defender and Sentinel to Defend Against Zero Day Threats: Part I
This article discusses the four main steps to mitigate a zero-day threat Using Microsoft 365 Defender and Sentinel.
November 2, 2022
Using KQL to Master Sentinel Data
This article is intended to help newcomers to get started with KQL by explaining what it is and how to use it in Microsoft Sentinel.
October 27, 2022
Choosing an Appropriate Retention Period for Microsoft Sentinel Workspaces
When you deploy Microsoft Sentinel, one of the most important design decisions is determining the appropriate data retention period.
September 13, 2022
New security products added to the Microsoft stack
Microsoft Jutannounced two new products in the Microsoft cloud Security stack. Both products were acquired from reputable tech companies.
August 18, 2022
Handling Inactive Devices in Microsoft Defender for Endpoint
Managing inactive devices is a confusing concept for an administrator just starting with Microsoft Defender for Endpoint. This article will provide key insights on how organizations can handle inactive devices within Microsoft Defender for Endpoint.
August 3, 2022
Day-to-day Management for Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is not a product you roll out and forget. To get the most out of this tool on a day-to-day basis, we walk through some actions administrators should be doing to keep current with the product.
June 29, 2022
When You Should Disable Azure AD Security Defaults
Determine if Azure AD security defaults are right for your organization or if you should turn them off.
June 13, 2022