Microsoft Sentinel – Automation Examples
This post looks at automation examples in Microsoft Sentinel to showcase some key use cases for automating tasks.
The Technical Brain Dump of Cyber Security
This post details a few options for migrating Microsoft Sentinel between Azure subscriptions and resource groups.
This article provides the steps taken to implement Azure Lighthouse for multi-tenant management of Microsoft Sentinel instances.
This post details troubleshooting steps to take when Windows event logs are not being ingested into Microsoft Sentinel via Azure Arc VMs.
SIEM technology began in the 1990s to centralise logs, evolved to real-time event analysis, and now uses machine learning for proactive threat detection.
Microsoft Sentinel requires understanding SIEM concepts and terminology including SOC, SOAR, parsing, syslog, CEF, LEEF, CTI, TAXII, and STIX. Future posts will explore these further.
A quick article on YubiKeys and how they can be a cost-effective means of improving your security.
Hacking doesn’t always need to be done with a computer; it can be done with words.
An introduction to Single Sign-On, SAML and MFA.
A ‘short’ list of acronyms I have come across since working in IT. This isn't a full list but I will be sure to add to it! ACL Access Control List AP Access Point ADFS Active Directory Federation Service ARP Address Resolution Protocol AES Advanced Encryption Standard APT Advanced Persistent Threat ATP Advanced Threat Protection […]