BertJanCyber
bertjancyber.bsky.social
CSIRT | http://kqlquery.com | Microsoft Security MVP | Blue & Purple Team | SOC | SIEM | Threat Hunting | Detection Engineering | #KQL |
What EndpointCall do you use for these detections? Or do you only rely on SignInLogs for device code auth?
February 18, 2025 at 4:52 PM
I am aware; that is most often the case for the phishing flow. But this scenario focusses more on the flow of accessing management APIs from unmanaged devices using device code auth.
February 18, 2025 at 4:50 PM
That deployment pipeline is not finished yet :D
December 23, 2024 at 8:55 PM