June 24, 2022
Published by Rod Trent on June 24, 2022
Categories

Spice Up Your Microsoft Sentinel KQL Query Results with Emoji

Here’s a little-known tip that can help brighten an otherwise mundane query existence. Instead of producing the normal query results of boring and blah rows and […]
Do you like it?0
Read more
June 22, 2022
Published by Rod Trent on June 22, 2022
Categories

How to Use Threatview.io Threat Intelligence Feeds with Microsoft Sentinel

Threatview.io provides some excellent threat intelligence feeds that can be used with Microsoft Sentinel as external sources. The Threatview.io feeds are updated regularly – generated daily […]
Do you like it?0
Read more
June 22, 2022
Published by Rod Trent on June 22, 2022
Categories

How to Get a List of Your Active Analytics Rules for Microsoft Sentinel

Though I’ve used the Workspace Usage Report Workbook a hundred times or more, I’ve never quite identified this little treasure myself. There’s a number of times […]
Do you like it?0
Read more
June 22, 2022
Published by Rod Trent on June 22, 2022
Categories

How to Import One or Multiple Analytics Rules into Microsoft Sentinel

There are a few PowerShell options out there (including the official module) to help automate content and collateral deployment to your Microsoft Sentinel workspace. But the […]
Do you like it?0
Read more
June 2, 2022
Published by Rod Trent on June 2, 2022
Categories

How to Query HaveIBeenPwned Using a Microsoft Sentinel Playbook

I’ve known Troy Hunt for a number of years and his contributions to the security and privacy industry have been hugely valuable and much appreciated by […]
Do you like it?0
Read more
June 1, 2022
Published by Rod Trent on June 1, 2022
Categories

How to Use a Playbook to Add Geographical Data for IP Addresses to a Microsoft Sentinel Incident

We have a Playbook out on the official GitHub Repo that queries the IP-API.com website with IP addresses and then writes the geographical information to an […]
Do you like it?0
Read more