Audit NTLM using Azure Sentinel – part 1 This time we are going to take a closer look at NTLM usage. Most likely, you have seen the news about [...]

Audit Active Directory Certificate Services using Azure Sentinel This blog post shows you how to enable and configure Active Directory Certificate Services auditing. What do you need? Log Analytics [...]

Manage Defender for Endpoint device tags through Azure Automaton DSC Another day I was playing around again with the Azure Desired State Configuration feature, and [...]

Our notes about #printnightmare zero-day and Kaseya As you have already heard, there is a zero-day vulnerability in the print spooler service. Microsoft also posted [...]

Getting started with Azure Sentinel and PowerShell Now that we have an official PowerShell module for Azure Sentinel, we can use PowerShell with Azure Sentinel. [...]

Azure Sentinel Analytics Rules I exported all the Azure Sentinel Analytics Rules to an Excel spreadsheet. […]

Azure Sentinel management using PowerShell eBook I put together a small ebook about Azure Sentinel management using PowerShell. […]

Azure Sentinel incident management using PowerShell I put together a small ebook about Azure Sentinel incident management using PowerShell. […]

Azure Sentinel PowerShell cmdlets A few days ago, Microsoft released an official PowerShell module for Azure Sentinel. As of today, it includes 24 different cmdlets. [...]

Configuration Manager and Azure Sentinel A few months ago, Microsoft had an Azure Sentinel hackathon, and I thought that maybe I could build-up one POC solution for Azure Sentinel [...]