User Profile
ianhelle
Microsoft
Joined 6 years ago
Recent Discussions
Using Jupyter notebooks with Azure Sentinel? New version of msticpy Python tools released.
Just released new version (0.3.2) of msticpy (Python security tools for CyberDefense Jupyter Notebooks). This release is mostly maintenance and housekeeping, but we've started exposing msticpy functionality as pandas extensions. What does that mean? Instead of building your pandas DataFrame and then passing it to the event TimeLine plot function, you can just call it directly as a method of the DataFrame - just like the built-in pandas plot() functions! Thank you pandas! Also added two Jupyter/IPython magics: %%b64 and %%ioc. You can use the Base64/zip/tar/gz decoding and IoC extraction functions on text pasted directly into a notebook cell. GitHub Release notes. You can install from PyPI: "pip install msticpy". Full documentation: Msticpy ReadtheDocs

Using Jupyter Notebooks for CyberSecurity Hunting
We've started a blog companion to the #AzureSentinel Community. I've recently posted 2 articles on using Jupyter Notebooks in Azure Sentinel for hunting and investigation: Security Investigation with Azure Sentinel and Jupyter Notebooks – Part 1 and Security Investigation with Azure Sentinel and Jupyter Notebooks – Part 2 (3rd and final part coming shortly). Also check out this article if Jupyter is new to you: Why Use Jupyter for Security Investigations? Also check out shainw's article on Azure Sentinel: Performing Additional Security Monitoring of High-Value Accounts. Feedback (including requests for future subjects) is very much welcome. Ian