We're looking for the Rising Stars
of SecOps. If you have fire in your belly and can prove it, we want to hear from you!
Please apply in English: https://bit.ly/nssecops
We're looking for the "Rising Stars" of SecOps. If you're looking for remote work, please let us know: https://bit.ly/nssecops
I'm interviewing candidates for this remote L2 SOC Analyst role (Mexico-based) this weekend.
NEW UPDATE:
I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.
More will be coming soon!
#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis
Are there any Azure Sentinel experts around? Have run into an issue and Microsoft and our billing partner have been no help and it's costing us a fortune.
Trying to locate the sudden spike of data ingestion and why it continues to rise each month.
Is anyone seeing delayed alerts in MS Sentinel? We just received multiple alerts for an account that may have been compromised two days ago. The alerts are dated 11/25 in Defender XDR and IdP, but are dated as 11/27 in Sentinel.
Find out how to parse Libra Esva audit logs in Microsoft Sentinel to improve enterprise security.
Why an organization aiming for passwordless adopted a password manager
https://qiita.com/akihiro_suto/items/386444bc6b67ec96c62b?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
On 31/08/2024 the Log Analytics Agent will no longer be supported, so before that date you will need to migrate to the Azure Monitoring Agent (AMA).
Only 5 days to go until both our Hacking Enterprises and Defending Enterprises training classes kick off at Black Hat USA.
There's still time to snag yourself a ticket for either the weekend or weekday delivery and we'd love to help level up your skills in either offensive or defensive techniques, or both!
Wreak havoc in our multi-domain enterprise environment and then hunt, detect, monitor and alert after, or vice versa!
New blog post out!
Five reasons to start using Microsoft Defender Threat Intelligence (Basic)
While the MDTI Basic license comes with limited capacity, it is undeniably a valuable resource to consider operationalizing in your daily tasks and incorporating into your TI processes.
Join me in exploring 5 (plus 1!) reasons why and how you can operationalize MDTI in your Cyber Threat Intelligence capacity.
Less than a month to go until Black Hat USA. I suppose the only thing to say is I look forward to seeing you on either our Hacking Enterprises or Defending Enterprises trainings, or maybe both!
...and if I don't, I suppose the only question to ask is, why haven't you bought your ticket yet? From phishing, C2, IPv6 and rampaging through multi-domain trusts, to deep threat hunting, monitoring and alerting in our Sentinel lab - I suppose the REAL question is, how many friends or colleagues are signing up with you?!
Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.
https://academy.bluraven.io/advanced-hands-on-kql-for-threat-hunting-and-detection-engineering
This article provides a guide on how to create and debug Microsoft Sentinel Analytic Rules, Automation Rules, and playbooks. It includes steps on creating a playbook, creating a sample Analytic rule for testing, creating an Automation rule, and debugging the playbook. https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/debugging-playbooks/ba-p/4165374 #MicrosoftSentinel #PlaybookCreation #Debugging #softcorpremium
Microsoft Intune – Collecting logs and analyzing them with Microsoft Sentinel
FREE Hands-On KQL for Security Analysis Course is now available!
50 seats bi-monthly
Certificate of completion
14-day lab with real-world Microsoft Sentinel and Defender XDR logs
Enroll for #FREE
https://academy.bluraven.io/intro-to-kql-for-security-analysis
#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training
I just started offering a subscription plan for the "Hands-On Kusto Query Language (KQL) for Security Analysts" course!
https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
New blog out!
If you isolate an endpoint during IR, you probably don't have time to notify stakeholders like the help desk that might be reached out for troubleshooting by the user. This logic app is based on #KQL and identifies the isolation action, adds a tag for your #DefenderXDR portal and sends an email.
#MicrosoftSecurity #MicrosoftSentinel #MicrosoftDefender #LogicApps #MicrosoftAutomation #Automation #AdvancedHunting
https://www.michalos.net/2024/02/20/isolated-an-endpoint-automate-tag-adding-and-notifications/