Azure Sentinel

Home

Options

1,271

Ashwin_Patil on 06-10-2019 07:44 AM

This article will continue discussion on practical time series analysis applications in security with another use case f...

1,620

ianhelle on 06-05-2019 05:02 PM

Browse, convert and test Sigma rules for use in Azure Sentinel.

1,569

Ashwin_Patil on 05-15-2019 07:00 AM

This article provides a practical outline for using Time Series analysis to surface anomalies on security event log data...

1,820

ianhelle on 05-13-2019 06:32 AM

In part 3 we investigate Windows logon sessions and processes, and look at O365 activity. Also show how to use clusterin...

1,716

Tim Burrell (MSTIC) on 05-01-2019 08:34 AM

This article expands on the time series analysis example given in the "Machine learning powered detections with Kusto qu...

2,372

ianhelle on 04-25-2019 05:11 PM

In this second part we examine a Linux host for signs of compromise and look at network flows to trace where else our at...

1,476

ianhelle on 04-22-2019 08:27 AM

"Why would I use Jupyter notebooks to work with Azure Sentinel data rather than the built-in query and investigation too...

5,258

ianhelle on 04-16-2019 08:22 AM

This is first of a three-part series about using Jupyter notebooks in Azure Sentinel to trace the path of a security bre...

3,893

shainw on 04-11-2019 09:00 AM

Most environments have high-value accounts and are often attacked. This post shows high-value account monitoring using A...

Time Series visualization of Palo Alto logs to detect data exfiltration