Latest Posts

Unlock the Ultimate Defense: Top 3 Hunting Queries for Ransomware Protection in Microsoft Sentinel

📝Actor has gained access to your network and tries to execute ransomware. 🏹Query:
DeviceEvents
| where Timestamp > ago(30d)
| where ActionType has_any ('AsrRansomwareBlocked', 'AsrRansomwareAudited')
| summarize arg_max(Timestamp, *), TotalEvents = count(), TriggeredFiles = make_set(FileName), FileHashes = make_set(SHA1), IntiatingProcesses = make_set(InitiatingProcessCommandLine) by DeviceName, AccountName
| project

Get ready to discover the future of cyber security at the ITC Cyber Summit 2023, where I’ll be sharing my insights on the most impactful trends in the industry

Get ready to discover the future of cyber security at the ITC Cyber Summit 2023, where we’ll be sharing insights on the most impactful trends in the industry. More information can be found below. Announcing the 2023 ITC Cyber Summit headline speakers: ✔️ Dave Cartwright, Head of Technology Operations & Risk / Chief Information

Streaming Data from Microsoft Purview to Microsoft Sentinel: Unlocking the Potential of Information Protection

With the Microsoft Purview Information Protection connector, you can stream auditing events generated from unified labeling clients and scanners. The data is then emitted to the Microsoft 365 audit log for central reporting in Microsoft Sentinel. 📝With the connector, you can: ✔️Track adoption of labels, explore,

Master the Art of Microsoft Advanced Hunting: KQL Queries Best Practices for Uncovering Hidden Threats

Apply these recommendations to get results faster and avoid timeouts while running complex queries.
📝Action: Time filters. Use: Use time filters first. Notes: Kusto is highly optimized to use time filters.
📝Action: String operators. Use: Use the has operator. Don’t use: Don’t use contains. Notes: When looking for

José Pinos

As a Security Solution Architect at Microsoft, José Lázaro Pinos is dedicated to helping Microsoft partners grow their security practice while taking advantage of the latest security offerings from Microsoft. His goal is to assist organisations in successfully undergoing digital transformation and embracing new work models while also maintaining high security standards. Microsoft Security – the way to go!