June 04, 20229 min read

Add Twitter Threat Intelligence to Microsoft Sentinel

In this post we will dig down into the twitter.threatintel.rocks site and how we can use that as an TI feed to Microsoft Sentinel with PowerShell and Azure Automation Account

May 12, 202213 min read

RDP Honeypot and Microsoft Sentinel Workbook

Don't open EVERYTHING to EVERYONE. And for... use strong passwords.

January 31, 20223 min read

Ubiquiti UniFi with Microsoft Sentinel

How can we connect Ubiquiti UniFi to Microsoft Sentinel to be able to look at the logs and data? What do we need to install to make this happend and what's included in the solution at Content Hub? Let's find out!

January 10, 20226 min read

Azure Cost Management API, Forecast and Power BI

How does Azure Cost Management API work with forecasts, and Power BI visualizations, and how can we find out more about those API's - Let's find out!

December 21, 20217 min read

Add Hunting Queries (for Log4Shell) faster to Microsoft Sentinel

Do you find it hard to add all of the Hunting Queries available to your Microsoft Sentinel Hopefully I have a PowerShell script that can help you.

December 02, 20212 min read

Protect Teams with Microsoft Sentinel - Part 4

In this post we will look at one of the LogicApp that was included in the Teams solution that we installed in Part 2 of this series.

November 21, 20215 min read

Hunt for Guests inviting other guests with Microsoft Sentinel

Are we vulnerable by default? And can we hunt our guests? Warning - we cannot see all...

November 16, 202117 min read

Welcome Sweden Central - Which Azure Resources are available?

Today is the day - Sweden Central is offically open! But wait, which Azure resources are available to us and where's the prices?

November 09, 202110 min read

Protect Teams with Microsoft Sentinel - Part 3

In the two first posts in this series we went over how to enabled Office 365 Audit Logs, how we enabled the Office 365 data connector and…

November 04, 20212 min read

My view on Microsoft certifications

My first Microsoft exam was at March, 2016 and it was for the Windows Server 2012 (Exam 70-410). I was so nervous and I wrote it at a test…

November 03, 20213 min read

Protect Teams with Microsoft Sentinel - Part 2

In the first part of this series we enabled the logging capability of Microsoft Teams into Microsoft (previously Azure) Sentinel. In this post we will focus on enabling a solution from the new Content Hub within Sentinel.

November 01, 20214 min read

Protect Teams with Azure Sentinel

It’s really no news that Microsoft Teams have been growing so much during the pandemic and many companies have been forced to take the…

October 28, 20211 min read

New fresh start

Time really flyes. It's been too looooong since I did any writing in this blog. So time to get back to it, and to get some motivation...

August 12, 20192 min read

Restore-OneDrive (the PowerShell way)

Recently I moved from OneDrive to OneDrive for Business (which is not automated task by the way…) and was hoping to have more control over my data...

May 06, 20191 min read


To automate things, that’s why Snover did create PowerShell for, we sometimes need to pre-provision users OneDrive storage...

November 26, 20181 min read

Microsoft Teams: Tip of the day - Bookmark messages

In Teams we can save (or bookmark) chat conversations, mentions, and other type of notifications so we can respond...

November 20, 20181 min read

Microsoft Teams: Tip of the day - Do Not Disturb

You may noticed the Search bar in Microsoft Teams, but have you used it yet? No? Here’s one quick tip! If you type the slash-sign “/” you…

November 17, 20182 min read

Microsoft Teams: Dynamic Group Membership

Really cool feature within Azure Active Directory. I have created a few Dynamic Groups, both for users but also for devices like “All Windows 10 Clients”, “All iPhones” and so on…

September 04, 20183 min read

Direct Access and Azure Traffic Manager

I was setting up an Direct Access Multisite deployment and wanted to use Azure Traffic Manager as an GSLB solution. It should work and I was reading about it at Richard Hicks blog...