security automation blog

infernux.no

Simple security in Azure DevOps pipelines

Quick introduction to starting pipelines with webhook triggers and (hopefully) making them secure-ish

Posted on October 28, 2022

Tags: Cloud Security, Azure DevOps, Webhook triggers, Pipelines

IP Allowlisting in Microsoft Sentinel Playbooks

Quick introduction to IP allowlisting in Microsoft Sentinel and some thoughts around how to (not) implement it.

Posted on October 26, 2022

Tags: Cloud Security, Microsoft Sentinel, Playbooks

Enable Defender for DevOps in Azure DevOps pipelines

Quick introduction to Defender for DevOps and how to enable it in an Azure DevOps pipeline.

Posted on October 13, 2022

Tags: Cloud Security, Defender for Cloud, Defender for DevOps, Azure DevOps

Creating smart Data Collection Rules by parsing EventIDs from Analytic Rules

Data Collection Rules allow us to create custom filters based on XPath queries. If we build these filters from our active Analytic Rules, we can create DCRs that only ingest the data we actually have detections for.

Posted on October 4, 2022

Tags: Microsoft Sentinel, Active Directory, Azure Monitor Agent, Azure Arc, Data Collection Rules, Windows Security Events

Azure Lighthouse 101

What is Azure Lighthouse, what does it do and how does it do it?

Posted on September 21, 2022

Tags: Azure, Azure Lighthouse, ARM Template, Managed Services

infernuxmonster  •  2023  •  Infernux.no
