Resources

A curated collection of tools, portals, and references I use and recommend for Microsoft Cloud security work.

Security Portals

Microsoft Defender XDR security.microsoft.com Microsoft Sentinel portal.azure.com/#blade/Microsoft_Azu... Defender for Cloud portal.azure.com/#view/Microsoft_Azur... Microsoft Entra ID entra.microsoft.com Microsoft Purview purview.microsoft.com All Microsoft Portals msportals.io

KQL Resources

KQL Quick Reference Microsoft's official KQL reference — operators, functions, and syntax Advanced Hunting Schema All tables available in Microsoft Defender XDR Advanced Hunting Sentinel KQL for Beginners Community KQL query library for Microsoft Sentinel KQL Search Community-driven KQL query search engine

Microsoft Learn Paths

SC-200 · Security Operations Analyst Microsoft Sentinel, Defender XDR SC-300 · Identity and Access Administrator Microsoft Entra ID, identity protection AZ-500 · Azure Security Engineer Azure security services and architecture SC-400 · Information Protection Admin Microsoft Purview and data governance

Community & Tools

Microsoft Tech Community — Security Official Microsoft security blog and community discussions GitHub — pthoor My public scripts, KQL queries, and automation tools Sessionize — Pierre Thoor My speaker profile and full session catalog

My Book

📘 Packt Publishing · 2024

Microsoft Defender for Identity in Depth

An exhaustive guide to ITDR, breach prevention, and cyberattack response

Get on Packt → Amazon