Azure Sentinel – Detect Service Connection use outside of pipeline
During the work on Azure AD – Attack and Defense Playbook (1) there was rather nice byproduct – a simple,Lue lisää
Kategoria: Sentinel
Project Log 0 : Monitor logins by accounts assigned Azure AD roles
I started to create a solution, that would list logins based on the users Azure AD admin role. This canLue lisää
Azure Sentinel & Log Analytics – Cross correlate between data on Azure Blob Storage and Log Analytics
I just wanted briefly document a quick way to bring external data to Sentinel / Log Analytics for cross-correlation betweenLue lisää
Correlating Azure AD logs to Office 365 workload operations With Azure Sentinel
One of my favorite things these days in Microsoft Cloud ecosystem is the widespread support of KQL (Kusto Query Language).Lue lisää
Ton of value with Azure Sentinel – Plotting Azure AD Sign-in locations to an map
Azure AD Sentinel Workbook sweetness Background I am currently in the process of enriching logs for a bit larger project.Lue lisää
SecureCloudBlog 