Recent Blog Articles

Investigating Suspicious Azure Activity with Microsoft Sentinel
This introductory blog post is the first in a series taking a closer look at how to explore potentially suspicious operations within the Azure environment.

Azure Sentinel SQL Solution Query Deep-Dive
Explore the queries developed by the Microsoft Threat Intelligence Center (MSTIC) and Azure Defender and released as part of the Azure SQL Solution.

Web Shell Threat Hunting with Azure Sentinel
In this blog post we will provide Microsoft Azure Sentinel customers with hunting queries to investigate possible on-prem Exchange Server exploitation and identify additional attacker IOCs (In...

Microsoft Ignite 2021: Blob and File Storage Investigations
On March 2nd 2021 we released a demo as part of Microsoft Ignite Spring 2021; this blog post expands on that demo to show new ways to hunt through Azure Storage.

Expanding Microsoft Teams Log Data in Azure Sentinel
Learn how to extract Teams file sharing and call records logs using Azure Sentinel.

Analysing Web Shell Attacks with Azure Defender data in Azure Sentinel
Understand web shell attacks in more detail using Azure Sentinel and data from Azure Defender and App Services logging.

Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
Explore Microsoft Defender ATP web shell alerts in Azure Sentinel, identify attacker details from network logging, automate the investigation with a Jupyter notebook, and feed indicators b...