KQL Query
Posts
Categories
whoami
Projects
KQL News
All Categories
KQL
Investigating Microsoft Graph Activity Logs
Sentinel Automation Part 1: Enriching Sentinel Incidents with KQL Results
Detecting Post-Exploitation Behaviour
Incident Response PowerShell V2
KQL Security Sources - 2024 Update
Sentinel
Investigating Microsoft Graph Activity Logs
Sentinel Automation Part 1: Enriching Sentinel Incidents with KQL Results
Detecting Post-Exploitation Behaviour
KQL Security Sources - 2024 Update
From Threat Report to (KQL) Hunting Query
Defender For Endpoint
Detecting Post-Exploitation Behaviour
KQL Security Sources - 2024 Update
From Threat Report to (KQL) Hunting Query
Incident Response Part 3: Leveraging Live Response
Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition)
Detection Engineering
Investigating Microsoft Graph Activity Logs
Detecting Post-Exploitation Behaviour
KQL Functions For Network Operations
KQL Functions For Security Operations
Incident Response
Incident Response PowerShell V2
Incident Response Part 3: Leveraging Live Response
Incident Response Part 2: What about the other logs?
Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition)
PowerShell
Incident Response PowerShell V2
Incident Response Part 3: Leveraging Live Response
Incident Response Part 2: What about the other logs?
Threat Hunting: Encoded PowerShell
Threat Hunting
Investigating Microsoft Graph Activity Logs
From Threat Report to (KQL) Hunting Query
Threat Hunting: Encoded PowerShell
KQL Functions For Security Operations
Azure Data Explorer
Incident Response PowerShell V2
KQL Functions For Network Operations
Incident Response Part 2: What about the other logs?
SOC
Sentinel Automation Part 1: Enriching Sentinel Incidents with KQL Results
KQL Functions For Network Operations
KQL Functions For Security Operations
Automation
Sentinel Automation Part 1: Enriching Sentinel Incidents with KQL Results
Defender For Endpoint
Prioritize Vulnerabilities Using The CISA Known Exploited Vulnerabilities Catalog
Networking
KQL Functions For Network Operations
Vulnerability Management
Prioritize Vulnerabilities Using The CISA Known Exploited Vulnerabilities Catalog