KQL Query
Posts
Categories
whoami
Projects
Events
KQL News
KQL Query
Cancel
Posts
Categories
whoami
Projects
Events
KQL News
Incident Response
2025
Investigating ClickFix Incidents
05-06
2024
UAL = Unaligned Activity Logs
11-14
Incident Response PowerShell V2
02-14
2023
Incident Response Part 3: Leveraging Live Response
10-26
Incident Response Part 2: What about the other logs?
10-13
Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition)
09-29