Recent Blogs
5 MIN READ
Behind the Build is an ongoing series spotlighting standout Microsoft partner collaborations. Each edition dives into the technical and strategic decisions that shape real-world integrations—highligh...
Jun 30, 2026194Views
1like
0Comments
Co-authored with Lizet Pena, Caroline Mutua, Alvin Kua and Marco Sudahl
The portal change was the easy part. The real upside is the operating model it unlocks—generative AI in every workflow, behav...
Jun 30, 2026354Views
0likes
1Comment
Welcome back to What's new in Microsoft Sentinel. In June, Sentinel SIEM’s Advanced Security Information Model (ASIM) broadens its normalization, so one analytic rule can reach more sources with less...
Jun 30, 2026372Views
2likes
0Comments
Co-authored with Lizet Pena, Caroline Mutua, Alvin Kua and Marco Sudahl
The transition is not a project—it is a sequence of small, ordered decisions. Here is the readiness tool that scores your env...
Jun 29, 2026180Views
0likes
0Comments
Co-authored with Lizet Pena, Caroline Mutua, Alvin Kua and Marco Sudahl
Governance is the silent dependency every transition trips on. Read about how roles, data tiering, and multi-tenant operation...
Jun 25, 2026330Views
0likes
0Comments
Microsoft Sentinel platform offers a growing list of tools and features, with graph being a cornerstone capability.
Sentinel graph is a relationship-first method for organizing and querying data wi...
Jun 23, 2026749Views
1like
1Comment
14 MIN READ
Co-authored with Lizet Pena, Caroline Mutua, Alvin Kua and Marco Sudahl
How analytics rules, playbooks, workbooks, and hunting evolve in Defender—and why the new toolbelt makes detection engineerin...
Jun 18, 2026654Views
1like
1Comment
12 MIN READ
Co-authored with Lizet Pena, Caroline Mutua, Alvin Kua and Marco Sudahl
Incidents, alerts, correlation, and data—what actually changes with the new platform, and why it works in your favor.
When ...
Jun 17, 2026606Views
0likes
0Comments
TL;DR: New ASIM parsers for Azure Firewall, Key Vault, AWS CloudTrail (EC2, S3, IAM), and 10+ third-party products. Two new schemas — Asset Entities and AI Agent Events. Plus changelogs on GitHub a...
Jun 17, 2026616Views
1like
0Comments
As organizations accelerate adoption of AI agents across Microsoft 365 and enterprise environments, security teams face a fundamental shift:
Agents are becoming first-class identities and securing ...
Jun 16, 2026865Views
3likes
0Comments
Tags
- microsoft sentinel271 Topics
- siem108 Topics
- investigation107 Topics
- what's new106 Topics
- security96 Topics
- detection92 Topics
- hunting65 Topics
- soar50 Topics
- threat hunting44 Topics
- data collection42 Topics