security automation blog

infernux.no

Security Monitoring - Developing Use Cases

Some thoughts on developing use cases and the importance of detection engineering

Posted on September 17, 2023

Tags: Security, Monitoring, SIEM, Use Cases, Microsoft Sentinel

Figuring out MISP2Sentinel Event Filters

How they work, how to use them and some (hopefully not horrible) examples.

Posted on September 2, 2023

Tags: MISP, Threat Intelligence, Microsoft Sentinel, IOC

Use Update Indicators API to push Threat Intelligence from MISP to Microsoft Sentinel

A quick intro on how to set up MISP, Azure Functions and Sentinel to push threat intelligence from MISP to Sentinel

Posted on August 3, 2023

Tags: Cloud Security, Microsoft Sentinel, Data Connectors, Azure Functions, Automation, MISP, Upload Indicators API

Pushing Threat Intelligence from MISP to Microsoft Sentinel

A quick intro on how to set up MISP, Azure Functions and Sentinel to push threat intelligence from MISP to Sentinel

Posted on June 4, 2023

Tags: Cloud Security, Microsoft Sentinel, Data Connectors, Azure Functions, Automation, MISP

Increasing the default timeout of Azure Functions

Azure Functions are used for most data connectors, but some of them have a very low default timeout.

Posted on June 2, 2023

Tags: Cloud Security, Microsoft Sentinel, Data Connectors, Azure Functions, Automation, MISP

infernuxmonster  •  2023  •  Infernux.no
