ᴍɪᴄʜᴀʟɪs ᴍɪᴄʜᴀʟᴏs
cyb3rmik3.bsky.social
SecOps, DFIR & CTI 🛡 | Microsoft Security #MVP, #KQL Threat Hunting 🏹 | Father 👭/Husband 👫/🍷&⌚️ enthusiast/Explorer ✈️ | Views my own | blog michalos.net
🏹 𝐍𝐞𝐰 #𝐊𝐐𝐋 𝐪𝐮𝐞𝐫𝐲!

➡️ 𝐅𝐞𝐭𝐜𝐡 𝐝𝐲𝐧𝐚𝐦𝐢𝐜 𝐚𝐧𝐝 𝐦𝐚𝐧𝐮𝐚𝐥 𝐭𝐚𝐠𝐬 𝐟𝐨𝐫 𝐚𝐜𝐭𝐢𝐯𝐞 𝐝𝐞𝐯𝐢𝐜𝐞𝐬
🔗 github.com/cyb3rmik3/KQ...

#MicrosoftSecurity #KustoQuery #KustoQueryLanguage #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR
August 29, 2025 at 7:46 AM
That's me after owning the make-graph operator and building my first #KQL query for Exposure Management in Advanced Hunting.

More, coming soon.

#KustoQuery
July 29, 2025 at 6:59 PM
A well-spent Saturday morning, renewing Security Operations Analyst Associate Certification for one more year. It was a great chance to dive back into the SC-200 content, with a focus on Security Copilot and enhanced RBAC for Microsoft Sentinel and Log Analytics Workspace.

#MicrosoftSecurity
July 19, 2025 at 7:01 AM
Super excited to share that I've been renewed as a Microsoft MVP in Security for a second consecutive year! It's been an incredible journey of contribution, learning, and growth, connecting with amazing new friends and peers.

#MicrosoftMVP #MVPBuzz
July 10, 2025 at 4:23 PM
💡 Are you struggling to materialize an 𝐑𝐁𝐀𝐂 model for your 𝐔𝐧𝐢𝐟𝐢𝐞𝐝 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬 (Microsoft Sentinel + Defender XDR)? Well, you are not the only one out there...

[1/3]

#MicrosoftSecurity #MicrosoftDefender #MicrosoftSentinel #DefenderXDR
July 9, 2025 at 5:31 AM
There is a superpower here, if you use private links, you can't take advantage of Microsoft Defender EASM in your Log Analytics Workspace.

The new integration with Microsoft Security Exposure Management allows enriching the relevant tables with EASM data.

#MicrosoftSecurity #MicrosoftDefender
July 5, 2025 at 1:07 PM
Further information has been published with regard to the newest additions in the 𝐀𝐝𝐯𝐚𝐧𝐜𝐞𝐝 𝐇𝐮𝐧𝐭𝐢𝐧𝐠 schema and 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐓𝐞𝐚𝐦𝐬 oversight. Specifically, 3 new tables have been introduced: 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐄𝐯𝐞𝐧𝐭𝐬, 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐏𝐨𝐬𝐭𝐃𝐞𝐥𝐢𝐯𝐞𝐫𝐲𝐄𝐯𝐞𝐧𝐭𝐬 and 𝐌𝐞𝐬𝐬𝐚𝐠𝐞𝐔𝐫𝐥𝐈𝐧𝐟𝐨.

🔗 learn.microsoft.com/defender-xdr...

#KQL
April 24, 2025 at 5:34 AM
The chair of Theodoros Kolokotronis, a natural rocky seat where the great General oversaw the battlefield of Tripolitsa. From this very spot, he planned his strategy and sparked the Greek Revolution of 1821

#Peloponnese #Arcadia #Tripolis #EtInArcadiaEgo
April 19, 2025 at 10:06 AM
First contribution in the @microsoftlearn.bsky.social portal! 💪
April 10, 2025 at 6:46 AM
What an extraordinary journey for such an impactful organization! 💪

#Microsoft50
April 5, 2025 at 7:10 AM
Officially en route to Seattle for the #MVPSummit! First leg to IST and then ✈️ Seattle!

Let's go!
March 23, 2025 at 7:28 AM
Join me at AI Cloud and Modern Workplace Conference 2025 which is held online for my session:

Elevating Regulatory Compliance with Microsoft's SIEM and XDR Technologies Powered by Actionable Threat Intelligence

ℹ️ No registration required: aicmwc2025.azurewebsites.net

#ThreatIntel #CTI
February 16, 2025 at 11:20 AM
🏹 New #KQL query!

➡️ 𝐈𝐝𝐞𝐧𝐭𝐢𝐟𝐲 𝐞𝐧𝐝𝐩𝐨𝐢𝐧𝐭𝐬 𝐰𝐢𝐭𝐡 𝐜𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐥𝐨𝐠𝐠𝐞𝐝 𝐨𝐧 𝐮𝐬𝐞𝐫𝐬, 𝐚𝐧𝐝 𝐬𝐡𝐚𝐫𝐞𝐬 𝐰𝐢𝐭𝐡 𝐩𝐞𝐫𝐦𝐢𝐬𝐬𝐢𝐨𝐧 𝐬𝐞𝐭 𝐭𝐨 “𝐄𝐯𝐞𝐫𝐲𝐨𝐧𝐞”
🔗 github.com/cyb3rmik3/KQ...

#MicrosoftSecurity #KustoQuery #KustoQueryLanguage #MicrosoftMDVM #VulnerabilityManagement
February 12, 2025 at 6:28 PM
January 12, 2025 at 3:18 PM
That fresh smell of new when you update 😄

#MISP
December 19, 2024 at 7:14 PM
🏹 New #KQL queries!

➡️ 𝐆𝐞𝐭 𝐭𝐨 𝐤𝐧𝐨𝐰 𝐲𝐨𝐮𝐫 𝐌𝐈𝐒𝐏 𝐭𝐡𝐫𝐞𝐚𝐭 𝐢𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞 𝐟𝐞𝐞𝐝
🔗 github.com/cyb3rmik3/KQ...

💡 If you are aggregating a MISP for your TI feed in Microsoft Sentinel, then your 𝐓𝐡𝐫𝐞𝐚𝐭𝐈𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞𝐈𝐧𝐝𝐢𝐜𝐚𝐭𝐨𝐫 table will be able to provide some fruitful numbers on how your MISP is contributing.
November 25, 2024 at 4:52 PM
Today was a good day for the lab. Some serious threat intel capacity upgrade just took place.

Kudos cudeso.be for the guide and guidance.

#MicrosoftSecurity #DefenderXDR #SentinelSIEM #ThreatIntel
November 23, 2024 at 4:01 PM