I didn't even have a chance to post here to say new seats were available😬😅
Edit: I made 25 more seats available. First come first serve!

You may subscribe to get notified for new seats.
academy.bluraven.io/intro-to-kql-f…

#Kusto #KQL

Just updated my #KQL repo, including Blu Raven newly introduced FREE introductory course in the KQL Training section. Also, Mehmet Ergene introduced a subscription model making his courses far more accessible.

➡️ academy.bluraven.io/courses

#KustoQuery
github.com/cyb3rmik3/KQL-…

😍Exciting News: Subscription plan for 'Hands-On Kusto Query Language (KQL) for Security Analysts' course is now available! 🚀
🔥🔥
academy.bluraven.io/hands-on-kusto…

#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #cybersecurity #KQL ForSecurityAnalysts #training

Hopefully not lost in the noise today: a report from WithSecure™ on Kapeka, an APT44 toolset we track as COLDWELL (dropper) and ICYWELL (backdoor).

Some detection rules in the fresh APT44 report, but be sure to read their detail analysis below first

labs.withsecure.com/publications/k…

🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
✅ 50 seats bi-monthly
✅ Certificate of completion
✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
Enroll for FREE 👇
academy.bluraven.io/intro-to-kql-f…
#KQL #Kusto #SIEM #MicrosoftSentinel

📣 Big Update! My course prices now include VAT, and I did it without raising the current prices! Enjoy the same great content with no hidden costs!

👉 academy.bluraven.io

#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity

💪 10x your alert triage and investigation skills!

I've been adding new content to my 'Hands-On Kusto Query Language (KQL) for Security Analysts' course that enables SOC analysts with fast triage capabilities using #KQL . More details soon!

👉 academy.bluraven.io/hands-on-kusto…

#KQL

Microsoft Graph Activity Logs are out of public preview and now generally available. These have quickly become one of my favourite log sources for both detections and investigations, some guidance and example hunting queries here - techcommunity.microsoft.com/t5/microsoft-e…

Check out 🚀msInvader: Simulate adversary techniques in M365 & Azure using Graph, REST, and EWS. Designed for blue teams, it helps generate attack telemetry to build, test, and enhance detection controls
🔗 github.com/mvelazc0/msInv…
📺 youtube.com/watch?v=a6iUru…
#M365 #Azure #EntraID

Join Binalyze's Robert O'Leary for his session, 'Proactive Threat Hunting for Enterprise Organizations'. Explore the world of threat hunting and its role in fortifying security operations centers and incident response teams. ow.ly/jZcq50Qy9eO #threathunting

Ru Campbell We achieve 80% of copilot current outcomes with soar prompts to our private LLM. We pay around 2k USD per month

David, age 24, says he's 'glad that Entra changes so frequently. It keeps my mind young.'

New tool in the arsenal for M365 and Entra ID red teaming
github.com/RedByte1337/Gr…

#redteam

This is why atomic testing is a bit of a faulty approach nowadays against EDRs. Testing should include a C2 and executing TTPs over the C2 implant.

New to the #LOLBAS project:

🆕 Tags: get extra context on functionality. Quickly want to find a LOLBAS that takes DLLs, or want to know how INetCache downloaders work? You can now 🏷️
🔄 APIs include all tag data
🔄 Improved entry pages

Check it out 👉lolbas-project.github.io