Microsoft Sentinel and Azure OpenAI
In this first of many posts we will activate the power of Azure OpenAI together with Microsoft Sentinel, this dynamic duo will for sure empower security teams.
Posts by Tag
- Sentinel 13
- Azure 5
- Defender 4
- OneDrive 2
- Kusto 2
- Arc 2
- ESU 2
- AzureUpdateManager 2
- MDC 2
- DefenderforCloud 2
- CSPM 2
- Microsoft 365 1
- Certifications 1
- CostManagement 1
- OpenAI 1
- AI 1
- DevOps 1
- AzurePolicy 1
- Bicep 1
- GitHub 1
- Copilot for Security 1
Sentinel
Manual Microsoft Sentinel incident from an Azure Workbook
Perhaps not an ordinary use case but the ability to create a manual Microsoft Sentinel incident from an Azure Workbook, it’s that even possible?
Who Hacked?
Microsoft Cloud Learn Games, Who Hacked?
Kusto Detective Agency - Hints
More hints to get for the Kusto Detective Agency contest - things aren’t always what they seem to be in Digitown
Add Twitter Threat Intelligence to Microsoft Sentinel
In this post we will dig down into the twitter.threatintel.rocks site and how we can use that as an TI feed to Microsoft Sentinel with PowerShell and Azure A...
RDP Honeypot and Microsoft Sentinel Workbook
Don’t open EVERYTHING to EVERYONE. And for… use strong passwords.
Ubiquiti UniFi with Microsoft Sentinel
Introduction So I just needed to try out this solution available in Microsoft Sentinel, or as it called now - Content Hub. The Ubiquiti UniFi solution will g...
Add Hunting Queries (for Log4Shell) faster to Microsoft Sentinel
Do you find it hard to add all of the Hunting Queries available to your Microsoft Sentinel Hopefully I have a PowerShell script that can help you.
Protect Teams with Microsoft Sentinel - Part 4
In this post we will look at one of the LogicApp that was included in the Teams solution that we installed in Part 2 of this series.
Hunt for Guests inviting other guests with Microsoft Sentinel
Are we vulnerable by default? And can we hunt our guests? Warning - we cannot see all…
Protect Teams with Microsoft Sentinel - Part 3
In this post we will look into some of the Sentinel Analytic Rules for Microsoft Teams
Protect Teams with Microsoft Sentinel - Part 2
In the first part of this series we enabled the logging capability of Microsoft Teams into Microsoft (previously Azure) Sentinel. In this post we will focus ...
Protect Teams with Azure Sentinel
Start hunting Microsoft Teams activities with Azure Sentinel
Azure
Fixing Azure SQL long-term backup retention restore
How you can fix the Azure SQL long-term backup retention restore error âś…
Kusto Detective Agency - Hints
More hints to get for the Kusto Detective Agency contest - things aren’t always what they seem to be in Digitown
Welcome Sweden Central - Which Azure Resources are available?
Introduction Today is the day - Sweden Central is offically open!
New fresh start
Time really flyes. It’s been too looooong since I did any writing in this blog. So time to get back to it, and to get some motivation…
Direct Access and Azure Traffic Manager
I was setting up an Direct Access Multisite deployment and wanted to use Azure Traffic Manager as an GSLB solution. It should work and I was reading about it...
Defender
Defender for Office 365 Blog Series - Part 3
🛡️Blog series about Microsoft Defender for Office 365 (MDO), how to get started with threat hunting
Defender for Office 365 Blog Series - Part 2
🛡️Blog series about Microsoft Defender for Office 365 (MDO), how to get started with email authentication protocols, the different licenses SKU types, and ho...
Defender for Office 365 Blog Series
🛡️Blog series about Microsoft Defender for Office 365 (MDO), how to get started with email authentication protocols, the different licenses SKU types, and ho...
Microsoft Defender External Attack Surface Management (EASM)
In this post we will look into getting started with Microsoft Defender External Attack Surface Management (EASM)
OneDrive
Restore-OneDrive (the PowerShell way)
Recently I moved from OneDrive to OneDrive for Business (which is not automated task by the way…) and was hoping to have more control over my data…
Request-OneDriveSite
To automate things, that’s why Snover did create PowerShell for, we sometimes need to pre-provision users OneDrive storage…
Kusto
Kusto Detective Agency - Season 2 Case 7
Kusto Detective Agency - Season 2 Case 7 additional hints and help
Kusto Detective Agency - Season 2 Case 6
Kusto Detective Agency - Season 2 Case 6 additional hints and help
Arc
New Patch Management tool in the cloud - Azure Update Manager (AUM) is now GA
Azure Update Manager (AUM) is now GA and is a new Patch Management tool in Azure that can be used to patch Windows and Linux systems in Azure, on-premises, a...
Windows Server 2012/2012 R2 - End of support, what to do with Security Updates?
Do you have Windows Server 2012/2012 R2 in your environment? If so, you need to read this post to understand what to do with security updates after the end o...
ESU
New Patch Management tool in the cloud - Azure Update Manager (AUM) is now GA
Azure Update Manager (AUM) is now GA and is a new Patch Management tool in Azure that can be used to patch Windows and Linux systems in Azure, on-premises, a...
Windows Server 2012/2012 R2 - End of support, what to do with Security Updates?
Do you have Windows Server 2012/2012 R2 in your environment? If so, you need to read this post to understand what to do with security updates after the end o...
AzureUpdateManager
New Patch Management tool in the cloud - Azure Update Manager (AUM) is now GA
Azure Update Manager (AUM) is now GA and is a new Patch Management tool in Azure that can be used to patch Windows and Linux systems in Azure, on-premises, a...
Windows Server 2012/2012 R2 - End of support, what to do with Security Updates?
Do you have Windows Server 2012/2012 R2 in your environment? If so, you need to read this post to understand what to do with security updates after the end o...
MDC
Configure Defender for Cloud workload protections with Azure Policy
This Azure Policy initiative enables and configures Defender for Cloud workload protections, including Defender for Storage Classic (per transaction) plan wi...
Demystifying Microsoft Defender for Cloud and Defender CSPM cost
Do you find it hard to understand the mapping of features and capabilities Microsoft Defender for Cloud and Defender CSPM can offer? And which features are i...
DefenderforCloud
Configure Defender for Cloud workload protections with Azure Policy
This Azure Policy initiative enables and configures Defender for Cloud workload protections, including Defender for Storage Classic (per transaction) plan wi...
Demystifying Microsoft Defender for Cloud and Defender CSPM cost
Do you find it hard to understand the mapping of features and capabilities Microsoft Defender for Cloud and Defender CSPM can offer? And which features are i...
CSPM
Configure Defender for Cloud workload protections with Azure Policy
This Azure Policy initiative enables and configures Defender for Cloud workload protections, including Defender for Storage Classic (per transaction) plan wi...
Demystifying Microsoft Defender for Cloud and Defender CSPM cost
Do you find it hard to understand the mapping of features and capabilities Microsoft Defender for Cloud and Defender CSPM can offer? And which features are i...
Microsoft 365
Restore-OneDrive (the PowerShell way)
Recently I moved from OneDrive to OneDrive for Business (which is not automated task by the way…) and was hoping to have more control over my data…
Certifications
My view on Microsoft certifications
My first Microsoft exam was at March, 2016 and it was for the Windows Server 2012 (Exam 70-410). I was so nervous and I wrote it at a test center in the town...
CostManagement
Azure Cost Management API, Forecast and Power BI
How does Azure Cost Management API work with forecasts, and Power BI visualizations, and how can we find out more about those API’s - Let’s find out!
OpenAI
Microsoft Sentinel and Azure OpenAI
In this first of many posts we will activate the power of Azure OpenAI together with Microsoft Sentinel, this dynamic duo will for sure empower security teams.
AI
Microsoft Sentinel and Azure OpenAI
In this first of many posts we will activate the power of Azure OpenAI together with Microsoft Sentinel, this dynamic duo will for sure empower security teams.
DevOps
Demystifying Microsoft Defender for Cloud and Defender CSPM cost
Do you find it hard to understand the mapping of features and capabilities Microsoft Defender for Cloud and Defender CSPM can offer? And which features are i...
AzurePolicy
Configure Defender for Cloud workload protections with Azure Policy
This Azure Policy initiative enables and configures Defender for Cloud workload protections, including Defender for Storage Classic (per transaction) plan wi...
Bicep
Deploy and destroy Copilot for Security with Bicep and GitHub Actions
Copilot for Security is now GA, how can we provision the service to save some money? Warning - Early Proof of Concept!
GitHub
Deploy and destroy Copilot for Security with Bicep and GitHub Actions
Copilot for Security is now GA, how can we provision the service to save some money? Warning - Early Proof of Concept!
Copilot for Security
Deploy and destroy Copilot for Security with Bicep and GitHub Actions
Copilot for Security is now GA, how can we provision the service to save some money? Warning - Early Proof of Concept!