Truls 🐱👤
@truls.infernux.no
🔓 Microsoft MVP Security
👷♂️ Security Architect/Engineer
writer of mediocre code 💻
blog: https://infernux.no
github: https://github.com/lnfernux
#Microsoft #Security #MVP #CTF
👷♂️ Security Architect/Engineer
writer of mediocre code 💻
blog: https://infernux.no
github: https://github.com/lnfernux
#Microsoft #Security #MVP #CTF
- Using Invoke-RestMethod works with an access token for everything
- If you create detection rules in the UI and pull them as code, impacted assets are empty (this is a required field for pushing)
- If you create the rule from the API, impacted assets is returned normally
2/2
- If you create detection rules in the UI and pull them as code, impacted assets are empty (this is a required field for pushing)
- If you create the rule from the API, impacted assets is returned normally
2/2
June 2, 2025 at 8:15 AM
- Using Invoke-RestMethod works with an access token for everything
- If you create detection rules in the UI and pull them as code, impacted assets are empty (this is a required field for pushing)
- If you create the rule from the API, impacted assets is returned normally
2/2
- If you create detection rules in the UI and pull them as code, impacted assets are empty (this is a required field for pushing)
- If you create the rule from the API, impacted assets is returned normally
2/2
It's also up on github with a readme github.com/lnfernux/pws... :)
GitHub - lnfernux/pwshuploadindicatorsapi: PowerShell module for connecting to and sending indicators of compromise to the Upload Indicators API (Microsoft Sentinel)
PowerShell module for connecting to and sending indicators of compromise to the Upload Indicators API (Microsoft Sentinel) - lnfernux/pwshuploadindicatorsapi
github.com
December 27, 2024 at 10:28 AM
It's also up on github with a readme github.com/lnfernux/pws... :)
Do you need AI for Security? Maybe. Still need to protect it if the rest of org has Copilot.
Exposure Management is now GA, which is really neat and a great tool for everyone. One presentation called DFC a CISO dashboard which is wild.
I'll rate it 👏/10, not quite 🔥/10 but still alright. 2/2
Exposure Management is now GA, which is really neat and a great tool for everyone. One presentation called DFC a CISO dashboard which is wild.
I'll rate it 👏/10, not quite 🔥/10 but still alright. 2/2
November 25, 2024 at 11:21 AM
Do you need AI for Security? Maybe. Still need to protect it if the rest of org has Copilot.
Exposure Management is now GA, which is really neat and a great tool for everyone. One presentation called DFC a CISO dashboard which is wild.
I'll rate it 👏/10, not quite 🔥/10 but still alright. 2/2
Exposure Management is now GA, which is really neat and a great tool for everyone. One presentation called DFC a CISO dashboard which is wild.
I'll rate it 👏/10, not quite 🔥/10 but still alright. 2/2