Recent Blog Articles

Investigating Suspicious Azure Activity with Microsoft Sentinel
This introductory blog post is the first in a series taking a closer look at how to explore potentially suspicious operations within the Azure environment.

Azure Sentinel SQL Solution Query Deep-Dive
Explore the queries developed by Microsoft Threat Intelligence Center (MSTIC) and Azure Defender and released as part of the Azure SQL Solution.

Microsoft Ignite 2021: Blob and File Storage Investigations
On March 2nd 2021 we released a demo as part of Microsoft Ignite Spring 2021; this blog post expands on that demo to show new ways to hunt through Azure Storage.

Expanding Microsoft Teams Log Data in Azure Sentinel
Learn how to extract Teams file sharing and call records logs using Azure Sentinel.

Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
Explore Microsoft Defender ATP web shell alerts in Azure Sentinel, identify attacker details from network logging, automate the investigation with a Jupyter notebook, and feed indicators b...

Web Shell Threat Hunting with Azure Sentinel
In this blog post we will provide Microsoft Azure Sentinel customers with hunting queries to investigate possible on-prem Exchange Server exploitation and identify additional attacker IOCs (In...

Analysing Web Shell Attacks with Azure Defender data in Azure Sentinel
Understand web shell attacks in more detail using Azure Sentinel and data from Azure Defender and App Services logging.