User Profile

Cyb3rWard0g

Iron Contributor

Joined 6 years ago

17 Posts43 Likes

View All Badges

User Widgets

Recent Discussions

No content to show

Recent Blog Articles

Enabling AD FS Security Auditing 📡 and Shipping Event Logs to Microsoft Sentinel 🛡️
Active Directory Federation Service (AD FS) enables Federated Identity and Access Management by securely sharing digital identity and entitlements rights across security and enterprise boundaries. AD...
Aug 26, 2022 Place Microsoft Sentinel Blog
37KViews
3likes
0Comments
Automating the deployment of Sysmon for Linux 🐧 and Azure Sentinel in a lab environment 🧪
Today, we celebrate 25 years of Sysinternals, a set of utilities to analyze, troubleshoot and optimize Windows systems and applications. Also, as part of this special anniversary, we are releasing Sy...
Oct 14, 2021 Place Microsoft Sentinel Blog
200KViews
2likes
4Comments
Azure Sentinel To-Go! A Linux 🐧 Lab with AUOMS Set Up to Learn About the OMI Vulnerability 💥
In this post, I will show you how to automatically deploy a research lab environment with Azure Sentinel, a few Linux virtual machines and the Microsoft Audit Collection Tool (AUOMS) set up to unders...
Sep 22, 2021 Place Microsoft Sentinel Blog
22KViews
2likes
1Comment
Testing the New Version of the Windows Security Events Connector with Azure Sentinel To-Go!
Last week, on Monday June 14th, 2021, a new version of the Windows Security Events data connector reached public preview. This is the first data connector created leveraging the new generally availab...
Jun 25, 2021 Place Microsoft Sentinel Blog
36KViews
6likes
10Comments
Azure Sentinel To-Go (Part2): Integrating a Basic Windows Lab 🧪 via ARM Templates 🚀
Most of the time when we think about the basics of a detection research lab, it is an environment with Windows endpoints, audit policies configured, a log shipper, a server to centralize security eve...
Oct 05, 2020 Place Microsoft Sentinel Blog
17KViews
6likes
2Comments
Azure Sentinel To-Go (Part1): A Lab w/ Prerecorded Data 😈 & a Custom Logs Pipe via ARM Templates 🚀
In this post, I show you how to use ARM templates to deploy an Azure Sentinel solution and ingest pre-recorded datasets via a python script, Azure Event Hubs and a Logstash pipeline.
Mar 27, 2020 Place Microsoft Sentinel Blog
68KViews
20likes
25Comments