Azure Sentinel SIEM

May 30, 2019

Azure Sentinel & Jupyter Notebooks

Before going into additional details about what a Jupyter Notebook is, I would like first to have a visual comparison of the analytical functionality offered by Azure Kusto Query Language queries vs. Jupyter Notebook with Python/msticpy/Kqlmagic. If your analytical requirements are limited to those typical to SIEM platforms that allow query of data, extraction of […]

Read More
Azure Sentinel & Jupyter Notebooks
May 28, 2019

On-Premises vs. Azure Cloud Security Stack

In February 2019, Managed Sentinel released a diagram presenting a mapping of on-premises security controls vs. services offered by major cloud services providers. The following diagram follows a similar pattern, focused just on Azure security technologies and including additional information such as free vs. billable Azure services, availability of the 3rd party tools within Azure Marketplace and […]

Read More
On-Premises vs. Azure Cloud Security Stack
May 23, 2019

Configuring Office 365 Connector in Azure Sentinel

The Office 365 activity log connector provides insight into ongoing O365 user activities.  By configuring Office 365 Connector in Azure Sentinel you will get details of operations such as file downloads, access requests sent, changes to group events, set-Mailbox and details of the user who performed the actions. This information will be visible in Azure Sentinel Dashboards […]

Read More
Configuring Office 365 Connector in Azure Sentinel
May 20, 2019

Azure Sentinel SIEM Architecture

Azure Sentinel cloud SIEM architecture vs. traditional SIEM platforms (based on SANS Reference SIEM Architecture). It provides a high-level mapping of specific Azure Sentinel functions to generic next-gen SIEM functions.

Read More
Azure Sentinel SIEM Architecture
Page 1 of 3
Back to top
Close