Ali Alwashali-ng 🚦
@ali_alwashali
Threat Detection and Response.
30-12-2015 17:40:47
If you want to play with KQL and use some of your own data rather than sample data, set yourself up a free Azure Data Explorer (ADX) cluster. No credit card or Azure subscription required, 100 GB storage, it is great for testing and ad-hoc analysis - learn.microsoft.com/en-us/azure/da…
Let's meet if you are attending the #FIRSTCTI24 cyber threat intelligence conference in Berlin.
first.org/conference/fir…
Graph activity logs in Azure are crucial to build detections for attacks that use the Graph API.
The most common examples are the discovery techniques used by tools like AzureHound.
I recommend reading Fabian Bader's blogs about this topic:
cloudbrothers.info/detect-threats…
cloudbrothers.info/detect-threats…
This new book has finally arrived. Thanks to No Starch Press as well as Bill Pollock -- [email protected] for making it happen as well as Lee Holmes as my tech reviewer.