IP Allowlisting in Microsoft Sentinel Playbooks
Quick introduction to IP allowlisting in Microsoft Sentinel and some thoughts around how to (not) implement it.
Enable Defender for DevOps in Azure DevOps pipelines
Quick introduction to Defender for DevOps and how to enable it in an Azure DevOps pipeline.
Creating smart Data Collection Rules by parsing EventIDs from Analytic Rules
Data Collection Rules allow us to create custom filters based on XPath queries. If we build these filters from the active Analytic Rules, we can create DCRs that only ingest the data we actually have detections for.
Azure Lighthouse 101
What is Azure Lighthouse, what does it do and how does it do it?