Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Treść dostarczona przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Podobny do Blue Security
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
))
Microsoft Sentinel Deep-Dive with Henrik Wojcik
Manage episode 400744213 series 3498024
Treść dostarczona przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Summary
In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with KQL queries.
Takeaways
- Consider data residency and compliance requirements when deploying Microsoft Sentinel.
- Separate operational logs and security logs to optimize cost and focus on relevant data.
- Use connectors to ingest data from various sources into Microsoft Sentinel.
- Tune analytics rules to avoid alert fatigue and focus on valuable alerts.
- Utilize scheduled queries and UEBA to identify suspicious behavior and automate investigations.
- Leverage playbooks and automation to streamline incident response and reduce manual effort.
- Create workbooks for data visualization and customize them to display relevant information.
- Explore advanced hunting with KQL queries to proactively search for threats and investigate incidents.
-------------------------------------------
Youtube Video Link: https://youtu.be/n9dDfmX-A9Q
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference
https://learn.microsoft.com/en-us/azure/sentinel/create-custom-connector
Henrik Wojcik:
https://www.linkedin.com/in/henrikfrandswojcik/
https://twitter.com/henrikwojcik
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: adam@bluesecuritypod.com
213 odcinków
Udostępnij
Manage episode 400744213 series 3498024
Treść dostarczona przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Summary
In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with KQL queries.
Takeaways
- Consider data residency and compliance requirements when deploying Microsoft Sentinel.
- Separate operational logs and security logs to optimize cost and focus on relevant data.
- Use connectors to ingest data from various sources into Microsoft Sentinel.
- Tune analytics rules to avoid alert fatigue and focus on valuable alerts.
- Utilize scheduled queries and UEBA to identify suspicious behavior and automate investigations.
- Leverage playbooks and automation to streamline incident response and reduce manual effort.
- Create workbooks for data visualization and customize them to display relevant information.
- Explore advanced hunting with KQL queries to proactively search for threats and investigate incidents.
-------------------------------------------
Youtube Video Link: https://youtu.be/n9dDfmX-A9Q
-------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference
https://learn.microsoft.com/en-us/azure/sentinel/create-custom-connector
Henrik Wojcik:
https://www.linkedin.com/in/henrikfrandswojcik/
https://twitter.com/henrikwojcik
----------------------
Contact Us:
Threads: https://www.threads.net/@bluesecuritypodcast
-------------------------------------------
Andy Jaw
-------------------------------------------
Adam Brewer
Email: adam@bluesecuritypod.com
213 odcinków
Wszystkie odcinki
×
Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.
Podobny do Blue Security
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
