CYBER #ART (MICROSOFT SENTINEL) BLOG

Directory Traversal Detected Analytic Rule
High Level Overview: A directory traversal attack (also called path traversal) is a type of web attack where an attacker tries to...
Aniket RT · Feb 15 · 7 min read · 388 views · 0 comments
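The core of a traversal detection rule is not the literal `../` match but the normalisation that precedes it: attackers URL-encode (`%2e%2e%2f`), double-encode (`%252e`), use backslashes, or append `..;/` to slip past naive filters. The following is an added example, not code from the post above; it shows that detection logic in plain Python over constructed web-server log lines rather than in the KQL a Sentinel analytic rule would actually use. The log format (client IP, method, path, status) and the sample entries are assumptions made for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample log lines (not real traffic, not from the original post).
# Fields: client IP, HTTP method, request path (with query string), status code.
SAMPLE_LOG = [
    "10.0.0.5 GET /index.html 200",
    "10.0.0.5 GET /images/../../../../etc/passwd 404",
    "10.0.0.7 GET /download?file=..%2F..%2Fetc%2Fshadow 403",
    "10.0.0.9 GET /static/%252e%252e/%252e%252e/windows/win.ini 200",
    "10.0.0.11 GET /api/v1/users/..;/admin 200",
    "10.0.0.12 GET /a/b/c/normal..file.txt 200",
]

# A '..' segment counts only when it is delimited: preceded by start of string,
# a path separator or a query delimiter, and followed by a separator, ';' or end.
# 'normal..file.txt' is therefore not a hit, while '/..;/' (a known bypass form) is.
TRAVERSAL_RE = re.compile(r"(?:^|[/=&?])\.\.(?:[/;]|$)")


def normalize(path: str, rounds: int = 3) -> str:
    """Repeatedly URL-decode until the string stops changing (bounded), then
    unify backslashes to forward slashes. Bounded rounds collapse single and
    double encoding without looping forever on pathological input."""
    decoded = path
    for _ in range(rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def is_traversal(path: str) -> bool:
    """True if the normalised request path contains a delimited '..' segment."""
    return bool(TRAVERSAL_RE.search(normalize(path)))


def detect(log_lines, threshold: int = 1) -> dict:
    """Group traversal hits per client IP and return those at or above the
    threshold. Each hit keeps the raw path, the normalised path (so an analyst
    can see what the server would have resolved) and the status code."""
    hits: dict[str, list[tuple[str, str, str]]] = {}
    for line in log_lines:
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed line; a real rule would count these separately
        ip, _method, path, status = parts[0], parts[1], parts[2], parts[3]
        if is_traversal(path):
            hits.setdefault(ip, []).append((path, normalize(path), status))
    return {ip: events for ip, events in hits.items() if len(events) >= threshold}


if __name__ == "__main__":
    for ip, events in detect(SAMPLE_LOG).items():
        for raw, norm, status in events:
            print(f"{ip}\t{status}\t{raw}\t-> {norm}")
```

Two points carry over to the Sentinel rule regardless of language: decode before matching, and keep the status code in the alert, since a 200 on a decoded `../../etc/passwd` is a different severity from a 404.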

Potential Lateral Movement via RDP Detected
High Level Overview: This query detects potential lateral movement within a network by identifying when an...
Aniket RT · Jan 11 · 8 min read · 463 views · 0 comments

Microsoft Sentinel Cost-Efficient Ingestion with DCR Transformations : Streamlining Syslog Data
Overview: Data Collection Rules (DCRs) are standard configuration files that are usually leveraged by the Azure Monitor Agent. This tells Azure...
Aniket RT · Jan 2 · 8 min read · 446 views · 0 comments


Ingest Open Source Indicators of Compromise - Threat Intel
In this blog post, I show how to ingest Open Source TI Feeds by leveraging Azure Logic Apps and Microsoft Sentinel REST API.
Aniket RT · May 5, 2024 · 6 min read · 387 views · 0 comments


Detect Failed Logins on Windows and leverage Watchlist and Automation using Microsoft Sentinel
This article will explain how to trigger alerts and incidents for failed logins on Windows machines.
Aniket RT · Jan 20, 2024 · 3 min read · 931 views · 0 comments


Kusto Detective - SANS Holiday 2023
Walkthrough for Kusto Detective SANS Holiday 2023 challenge
Aniket RT · Jan 14, 2024 · 4 min read · 88 views · 0 comments

KQL to find Geo Details and Threat Score
Threat intelligence lookup and geo-details for an IP address
Aniket RT · Jan 7, 2024 · 4 min read · 429 views · 0 comments

Detect failed logins on a Linux Machine in Azure using Microsoft Sentinel
This article will explain how to generate alerts and incidents for failed logins on Linux machines. This can be particularly useful to the S
Aniket RT · Jan 5, 2024 · 3 min read · 409 views · 1 comment