Jun 27 2022 02:52 AM
Hi All,
I have set myself up a Defender test lab and I have my DC connected to Defender for Identity and I have 2 user machines that are onboarded to Defender for Endpoint. I also have all the relevant integrations in place with Azure Sentinel also configured.
I am looking to start generating alerts by using various tools on my machines to recreate the kind of activity that would require investigation
Does anyone know of any resources/guides that can teach me how to begin to perform activities that would generate these alerts. Like Lateral Movement and LDAP reconnaissance etc?
Jul 06 2022 07:47 AM