Introduction: Azure Sentinel is a cloud-native SIEM solution that leverages the power of Artificial Intelligence to analyze large data volumes at scale. It provides many capabilities and is a solution I can highly recommend to both SOC Analysts and Threat Hunters. In today's blog post I'm going to describe a… Continue reading “Hunting TTPs with Azure Sentinel”
Folks, since a lot of people are into Azure Sentinel, I've decided to share documentation that walks you through the different steps to understand the basic concepts of Kusto Query Language (KQL). KQL is the core fundamental in Azure Sentinel for searching and analyzing data. This is also why it's worth understanding how… Continue reading “Kusto Query Internals – Azure Sentinel Reference”