On April 20th, my colleagues and I will be kicking off a new journey for the Microsoft Security Insights podcast. We will be kicking off our first-ever Microsoft Reactor show, joined by our inaugural guest, Matt Soseman, Senior Program Manager in Identity & Network Access Division. If you missed it, read the reasons and behind … Continue reading Join the Launch of Microsoft Security Insights on Microsoft Reactor
Tag: Defender
The Microsoft Security Insights Podcast is Coming to Microsoft Reactor
For fans of the weekly Microsoft Security Insights podcast, Frank, Edward, Brodie, and I have some awesome news to share. The popularity of the podcast continues to grow. Not only is the listener audience in an exploding growth spurt, but there are many security experts coming out of the woodwork asking to come on the … Continue reading The Microsoft Security Insights Podcast is Coming to Microsoft Reactor
All the Ways to Read the Weekly Newsletters for Microsoft Sentinel and Microsoft Defender
The weekly newsletters for Microsoft Sentinel and Defender continue to skyrocket in subscribers. It's amazing how far each of these resources has come and how dedicated and loyal the inbox subscribers are. But there are many out there who prefer not to receive yet another newsletter in their inbox, or who would like to sample … Continue reading All the Ways to Read the Weekly Newsletters for Microsoft Sentinel and Microsoft Defender
The Unified Microsoft Sentinel and Microsoft 365 Defender Repository
As products and services continue to align, it's great to see movement in areas that provide pure value. The Microsoft Sentinel GitHub repository has now made room to house Microsoft 365 Defender Hunting queries. KQL is the tie that binds these two security services, and because of that, Hunting queries for Microsoft 365 … Continue reading The Unified Microsoft Sentinel and Microsoft 365 Defender Repository
Must Learn KQL Part 13: The Extend Operator
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 13: The Extend Operator
KQL Basics and Advanced KQL Hunting for Microsoft 365 Defender
Since it seems I've become all things KQL for our security platforms (which I don't mind at all, btw), I thought I'd step outside the Sentinel realm for a moment and share some recent releases for using KQL with Microsoft 365 Defender. Here's some awesome video content learning... M365D KQL Basics: https://cda.ms/3D3 M365D Advanced Hunting: … Continue reading KQL Basics and Advanced KQL Hunting for Microsoft 365 Defender
“Server error Category A is not supported” message when enabling Microsoft Defender for Office 365 in the Microsoft Sentinel Connector
Recently, a few of us were confused about an error message that exhibited itself when attempting to enable the Microsoft Defender for Office 365 option in the Microsoft 365 Defender connector for Microsoft Sentinel. Never experiencing something like this yourself makes it even more difficult to troubleshoot. You know the scenario - user or customer … Continue reading “Server error Category A is not supported” message when enabling Microsoft Defender for Office 365 in the Microsoft Sentinel Connector
Must Learn KQL Part 11: The Summarize Operator
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 11: The Summarize Operator
New Year’s Resolution: Must Learn KQL in 2022
For those that missed the notification, I'm still off of work until the first week of January. But I'm finding that I truly am a victim of tech FOMO. It's really hard for me to completely shut down and walk away. But this isn't a new phenomenon. I've experienced this my whole professional, adult life. … Continue reading New Year’s Resolution: Must Learn KQL in 2022
Must Learn KQL Part 9: The Limit and Take Operators
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 9: The Limit and Take Operators