Office 365 - Sentinel

Practical Sentinel: Ingesting Networking Data in Microsoft Sentinel

Thijs Lecomte — Tue, 13 Aug 2024 10:00:00 +0000

In this episode of Practical Sentinel, Thijs describes the different ingestion methods, how to choose the best method, and advises how to filter the ingested data.

The post Practical Sentinel: Ingesting Networking Data in Microsoft Sentinel appeared first on Practical 365.

Practical Sentinel: Adding Networking Data to Microsoft Sentinel

Thijs Lecomte — Mon, 15 Jul 2024 10:00:00 +0000

Are you looking to ingest your data into Sentinel? In this episode of Practical Sentinel, we review use cases and tips for ingesting networking data into Sentinel.

The post Practical Sentinel: Adding Networking Data to Microsoft Sentinel appeared first on Practical 365.

Practical Sentinel: Auditing Multifactor Authentication with Sentinel

Thijs Lecomte — Wed, 05 Jun 2024 10:00:00 +0000

In this episode of Practical Sentinel, Thijs Lecomte discusses how to create some basic KQL queries to track MFA usage.

The post Practical Sentinel: Auditing Multifactor Authentication with Sentinel appeared first on Practical 365.

Practical Sentinel: Setting the Scene

Thijs Lecomte — Thu, 02 May 2024 10:00:00 +0000

Welcome to Practical Sentinel! In the introductory blog of this series, we review how Microsoft positions Sentinel, what capabilities the product includes, and what it does well.

The post Practical Sentinel: Setting the Scene appeared first on Practical 365.

Managing Exclusions for Microsoft Security Solutions

Thijs Lecomte — Thu, 28 Mar 2024 10:00:00 +0000

In this blog, Thijs Lecomte reviews Exclusion for Microsoft Security Solutions, why they are important, and how to manage them.

The post Managing Exclusions for Microsoft Security Solutions appeared first on Practical 365.

Practical Protection: Malicious Azure Account Takeovers and What You Should Do About Them

Paul Robichaux — Thu, 29 Feb 2024 11:00:00 +0000

In this blog, we review a new organized phishing campaign impacting Azure Cloud environments and discuss what to do if your organization happens to fall victim.

The post Practical Protection: Malicious Azure Account Takeovers and What You Should Do About Them appeared first on Practical 365.

Detecting Midnight Blizzard using Microsoft Sentinel

Thijs Lecomte — Wed, 14 Feb 2024 11:00:00 +0000

This blog reviews the Midnight Blizzard Attack, providing some hypothetical scenarios of what actually happened and how it could've been prevented.

The post Detecting Midnight Blizzard using Microsoft Sentinel appeared first on Practical 365.