Subscribe
Sign in
Home
Podcast
Notes
Chat
Blogs
Show Schedule
Show News
Archive
Leaderboard
About
Blogs
Latest
Top
Discussions
Using KQL in a Playbook for Sentinel
Fun with parsing JSON
Nov 22, 2023
•
Andrea Fisher
11
Share this post
Using KQL in a Playbook for Sentinel
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
4
Modifying the Sentinel Costs workbook
Do you have more than one Sentinel Workspace?
Oct 5, 2023
•
Andrea Fisher
24
Share this post
Modifying the Sentinel Costs workbook
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
Is AI taking over the world?
Is it secret? Is it safe?
Jun 15, 2023
•
Andrea Fisher
and
Rod Trent
6
Share this post
Is AI taking over the world?
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
1
How are you protecting your local admin passwords?
Local admin passwords have long been the bane of an administrator’s life.
Jun 1, 2023
•
Andrea Fisher
4
Share this post
How are you protecting your local admin passwords?
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
DMARCy MARC and the funky bunch
Otherwise known as the benefits of DMARC in your environment
May 26, 2023
•
Andrea Fisher
8
Share this post
DMARCy MARC and the funky bunch
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
3
Workbooks, Playbooks and Notebooks. Oh my!
I published this blog originally a few years ago but we still have newcomers joining us in the Sentinel world so though it was worth a repost.
May 3, 2023
•
Andrea Fisher
5
Share this post
Workbooks, Playbooks and Notebooks. Oh my!
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
Logs, logs and more logs
I recently wrote a blog called What should I log in my SIEM? and someone recommended that I do a follow up on what Windows Event logs are helpful in…
Apr 12, 2023
•
Andrea Fisher
8
Share this post
Logs, logs and more logs
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
1
What should I log in my SIEM?
Assessing the value of data
Mar 8, 2023
•
Andrea Fisher
20
Share this post
What should I log in my SIEM?
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
4
Don't tamper with my data!
As a follow up to our great podcast with Josh Bregman last week, @RodTrent suggested I write a blog about the Tamper Protection feature in Microsoft…
Feb 16, 2023
•
Andrea Fisher
2
Share this post
Don't tamper with my data!
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
ChatGPT error
New tools are always a learning experience
Feb 6, 2023
•
Andrea Fisher
5
Share this post
ChatGPT error
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
1
Stop letting users increase your vulnerability – turn off user application consent
Application consent (sometimes called OAuth consent) is the process of a user granting authorization to an application to access protected resources on…
Jan 23, 2023
•
Andrea Fisher
5
Share this post
Stop letting users increase your vulnerability – turn off user application consent
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
Four things you can do to make your environment safer in less than five minutes
As the new year approaches, we often make resolutions in our personal life – things we can do to make our lives better.
Jan 9, 2023
•
Andrea Fisher
4
Share this post
Four things you can do to make your environment safer in less than five minutes
www.microsoftsecurityinsights.com
Copy link
Facebook
Email
Note
Other
2
Share
Copy link
Facebook
Email
Note
Other
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts