Practical Sentinel: The Value of MITRE ATT&CK
In this episode of Practical Sentinel, we dive into the MITRE ATT&CK framework and how to integrate it within your environment through Microsoft Sentinel & Defender XDR.
January 14, 2025
Latest Articles
Practical Sentinel: Operationalizing Health Monitoring
Like all cloud services, Microsoft Sentinel can fail from time to time. In this blog, we dive into how to find and fix these issues using the Microsoft Sentinel Health feature, which enables monitoring for analytic rules, automation rules, and data connectors.
December 9, 2024
Practical Sentinel: Adding Automation for Networking Data
In this episode of Practical Sentinel, we explain how to use Microsoft Sentinel’s SOAR capabilities to build automation on top of networking data through enrichments, automated actions, and threat intelligence integrations.
November 25, 2024
Practical Sentinel: Creating Incidents From Networking Data
After identifying what networking data you should ingest into Sentinel, the next step is to start creating alerts and incidents using the data. And that is exactly what we cover in this episode of Practical Sentinel.
August 20, 2024
Practical Sentinel: Ingesting Networking Data in Microsoft Sentinel
In this episode of Practical Sentinel, Thijs describes the different ingestion methods, how to choose the best method, and advises how to filter the ingested data.
August 13, 2024
Practical Sentinel: Adding Networking Data to Microsoft Sentinel
Are you looking to ingest your data into Sentinel? In this episode of Practical Sentinel, we review use cases and tips for ingesting networking data into Sentinel.
July 15, 2024
Practical Sentinel: Auditing Multifactor Authentication with Sentinel
In this episode of Practical Sentinel, Thijs Lecomte discusses how to create some basic KQL queries to track MFA usage.
June 5, 2024
Practical Sentinel: A Practical Look at the Unified SecOps Experience
In this blog, we take a look at the Unified Security Operations Platform, review what is available right now, discuss what Microsoft is building, and ask whether you need this functionality.
May 21, 2024
Practical Sentinel: Setting the Scene
Welcome to Practical Sentinel! In the introductory blog of this series, we review how Microsoft positions Sentinel, what capabilities the product includes, and what it does well.
May 2, 2024
Managing Exclusions for Microsoft Security Solutions
In this blog, Thijs Lecomte reviews Exclusion for Microsoft Security Solutions, why they are important, and how to manage them.
March 28, 2024
Detecting Midnight Blizzard using Microsoft Sentinel
This blog reviews the Midnight Blizzard Attack, providing some hypothetical scenarios of what actually happened and how it could've been prevented.
February 14, 2024
Five Things Microsoft 365 Security Administrators Should Do in 2023
Microsoft 365 security is a big topic. Focus is important when it comes to getting things done. In this article, we suggest five areas that administrators could work on during 2023 to improve the security posture of their tenant. You might already have established full control over some of these areas. Even if you have, it's still good to consider if you can improve security.
February 20, 2023