KQL Query
Posts Categories whoami Projects Events KQL News
KQL Query
Cancel
PostsCategorieswhoamiProjectsEventsKQL News

 Defender for Endpoint

2025

Investigating ClickFix Incidents 05-06
Monitor For New Actions In Sentinel And MDE 01-30
KQL Sources - 2025 Update 01-02

2024

Unleash The Power Of DeviceTvmInfoGathering 10-10
Audit Defender XDR Activities 05-30
Detecting Post-Exploitation Behaviour 02-29
KQL Security Sources - 2024 Update 01-14

2023

Prioritize Vulnerabilities Using The CISA Known Exploited Vulnerabilities Catalog 12-21
From Threat Report to (KQL) Hunting Query 11-29
Incident Response Part 3: Leveraging Live Response 10-26
Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition) 09-29
Threat Hunting: Encoded PowerShell 09-21
KQL Functions For Security Operations 09-15
2023 - 2025  | ©