Introduction: I’ve been digging into KQL for quite some time, and I often get the question whether I could help someone out with building a KQL query. This has motivated me to release a first edition of KQL Internals, which has received a lot of positive feedback from the community. KQL Internals is a Continue reading “Become a KQL Ninja”
Introduction: Azure Sentinel is a cloud-native SIEM solution that leverages the power of Artificial Intelligence to analyze large data volumes at scale. It provides a lot of capabilities, and it’s a solution that I can highly recommend to both SOC Analysts and Threat Hunters. Today in my blog post, I’m going to describe a Continue reading “Hunting TTPs with Azure Sentinel”