Defender for Endpoint - Category - KQLQuery.com

Posts Categories whoami Projects Events KQL News

Posts Categories whoami Projects Events KQL News

Defender for Endpoint

2025

Investigating ClickFix Incidents 05-06

Monitor For New Actions In Sentinel And MDE 01-30

KQL Sources - 2025 Update 01-02

2024

Unleash The Power Of DeviceTvmInfoGathering 10-10

Audit Defender XDR Activities 05-30

Detecting Post-Exploitation Behaviour 02-29

KQL Security Sources - 2024 Update 01-14

2023

Prioritize Vulnerabilities Using The CISA Known Exploited Vulnerabilities Catalog 12-21

From Threat Report to (KQL) Hunting Query 11-29

Incident Response Part 3: Leveraging Live Response 10-26

Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition) 09-29

Threat Hunting: Encoded PowerShell 09-21

KQL Functions For Security Operations 09-15

2023 - 2025 | ©