Category: Security
The crazy IMPACT of the Data Lake
When we began building the security data lake solution, we had no idea that this solution would evolve and meet so many important needs for the enterprise. Most importantly, we found the solution is changing the way we approach security engineering. We didn't anticipate that we would be able to bring together multiple IT silos … Continue reading The crazy IMPACT of the Data Lake
Install the Microsoft Defender for Identity sensor on Active Directory Certificate Services
Microsoft released a new Microsoft Defender for Identity (MDI) sensor type for Active Directory Certificate Services (ADCS). This article demonstrates the steps to deploy the sensor on your ADCS servers.
Download the Microsoft Defender for Identity sensor
The Microsoft Defender for Identity (MDI) sensor can be downloaded from the Microsoft 365 Defender portal. The MDI sensor installation package is the same for Domain Controllers, ADFS and ADCS. If you have previously downloaded the package, you can use this for the installation, although I would recommend downloading the latest version for any new deployments.
Big Lake = Big Value
“Getting value out of your data lake” For the first time in the security industry, we are seeing security operations teams and data analytics teams working together. This positive development illustrates that security data has value to everyone and can be shared throughout a company. It is important to take control of your data destiny, … Continue reading Big Lake = Big Value
Data Transformers to the Rescue
ETL vs Log Forwarding - Why your security future depends on it! We are now officially in a new era of security engineering. This era is characterized by big data analytics encompassing AI, machine learning, and data warehousing. In our previous posts, we discussed the need for security operations to have greater visibility into log … Continue reading Data Transformers to the Rescue
Automate your SOC – All in One
Solution Series for the SOC Automation Series Welcome to the SOCAUTOMATORS series on automating your security operations center. This series of blog posts will help you understand the value of assigning scores to your incidents and serves as an introduction to the Microsoft Sentinel Triage Assistant solution. 88 percent of organizations receive up to 500 … Continue reading Automate your SOC – All in One
Azure Security Data Lake
Harnessing The Power of Big Data Analytics and AI - Security's Future Welcome to the SOCAUTOMATORS series on building a Security Data Lake. This series of blog posts and accompanying videos will help you design your data lake and provide guidance on technically implementing the solution in Azure. Many organizations need to harness the power … Continue reading Azure Security Data Lake
Filling Up the Security Data Lake
Dam the Lake! The foundation of our data “dam” is a pool of information collected from multiple sources. Some data is ingested directly into the data lake storage account. Other data is ingested into the SIEM and later forwarded on to the data lake to meet long-term retention requirements. Typically, 70% of data ingested into … Continue reading Filling Up the Security Data Lake
What to bring to the Data Lake?
“Yes – it’s more than a bathing suit” Security engineering teams need to develop new skills to provide their security analysts with the necessary depth of data and analytics to perform their jobs effectively. Analysts require this data to be readily available in the SIEM during an incident. We must reduce the speed of triage to … Continue reading What to bring to the Data Lake?