CYBER #ART (MICROSOFT SENTINEL) BLOG

Aniket RT
Feb 15, 7 min read
Directory Traversal Detected Analytic Rule
High Level Overview: A directory traversal attack (also called path traversal) is a type of web attack where an attacker tries to...
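As an added illustration of the detection logic behind such a rule (example code written for this page, not the post's own KQL and not the Sentinel analytic rule itself): the access-log lines, the common-log-format parser and the normalisation choices below are constructed assumptions. The point it shows that the teaser does not is that the rule has to decode the request target before matching, because `..%2f`, `%252e%252e%252f` (double encoding) and `..\` all reach the application as `../`.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed Apache/nginx-style access-log lines (sample data, not from the post).
SAMPLE_ACCESS_LOG = [
    '203.0.113.7 - - [15/Feb/2025:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '203.0.113.7 - - [15/Feb/2025:10:00:02 +0000] "GET /download?file=../../etc/passwd HTTP/1.1" 200 1863',
    '198.51.100.9 - - [15/Feb/2025:10:01:10 +0000] "GET /static/..%2f..%2fwindows%2fwin.ini HTTP/1.1" 403 211',
    '198.51.100.9 - - [15/Feb/2025:10:01:11 +0000] "GET /static/%252e%252e%252fboot.ini HTTP/1.1" 404 196',
    '203.0.113.7 - - [15/Feb/2025:10:02:00 +0000] "GET /images/logo.png HTTP/1.1" 200 8801',
    r'192.0.2.44 - - [15/Feb/2025:10:02:05 +0000] "GET /a/..\..\web.config HTTP/1.1" 200 812',
    '198.51.100.20 - - [15/Feb/2025:10:03:00 +0000] "GET /search?q=what..is.this HTTP/1.1" 200 3302',
]

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, bytes.
COMMON_LOG = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return the named fields of one access-log line, or None if it does not parse."""
    m = COMMON_LOG.match(line)
    return m.groupdict() if m else None


def normalize_target(target, max_decode=3):
    """Percent-decode repeatedly (catches double encoding such as %252e%252e%252f)
    until the value stops changing, then fold backslashes to forward slashes so a
    Windows-style '..\\' is seen as '../'. max_decode bounds the loop."""
    decoded = target
    for _ in range(max_decode):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def is_traversal(target):
    """True when any slash-separated segment of the decoded request target is exactly
    '..'. Matching whole segments rather than the substring '..' avoids flagging
    benign values such as a query of 'what..is.this'."""
    return any(seg == ".." for seg in normalize_target(target).split("/"))


def detect(lines):
    """Group traversal attempts by client IP. Each hit keeps the raw target, its
    decoded form and the HTTP status, because a 200 on a traversal request (the
    server served the file) deserves a higher severity than a 403 or 404."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and is_traversal(rec["target"]):
            hits[rec["ip"]].append({
                "ts": rec["ts"],
                "raw": rec["target"],
                "decoded": normalize_target(rec["target"]),
                "status": int(rec["status"]),
            })
    return dict(hits)


if __name__ == "__main__":
    for ip, attempts in detect(SAMPLE_ACCESS_LOG).items():
        served = sum(1 for a in attempts if a["status"] == 200)
        print(f"{ip}: {len(attempts)} traversal attempt(s), {served} answered with 200")
        for a in attempts:
            print(f"   {a['ts']}  {a['raw']}  ->  {a['decoded']}  [{a['status']}]")
```

The same segment-based test is what you would express in the analytic rule's filter after decoding the URL field; the bounded decode loop matters because a single `unquote` misses double-encoded payloads, and matching on whole segments keeps the rule from paging on every URL that happens to contain two dots.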

Aniket RT
Jan 11, 8 min read
Potential Lateral Movement via RDP Detected
Description: This query detects potential lateral movement within a network by identifying when an...

Aniket RT
Jan 2, 8 min read
Microsoft Sentinel Cost-Efficient Ingestion with DCR Transformations: Streamlining Syslog Data
Overview: Data Collection Rules are standard configuration files that are usually leveraged by the Azure Monitor Agent. They tell Azure...


Aniket RT
May 5, 2024, 6 min read
Ingest Open Source Indicators of Compromise - Threat Intel
In this blog post, I show how to ingest Open Source TI feeds by leveraging Azure Logic Apps and the Microsoft Sentinel REST API.


Aniket RT
Jan 20, 2024, 3 min read
Detect Failed Logins on Windows and leverage Watchlist and Automation using Microsoft Sentinel
This article will explain how to trigger alerts and incidents for failed logins on Windows machines.


Aniket RT
Jan 14, 2024, 4 min read
Kusto Detective - SANS Holiday 2023
Walkthrough for Kusto Detective SANS Holiday 2023 challenge

Aniket RT
Jan 7, 2024, 4 min read
KQL to find Geo Details and Threat Score
Threat intelligence lookup and finding the geo-details of an IP

Aniket RT
Jan 5, 2024, 3 min read
Detect failed logins on a Linux Machine in Azure using Microsoft Sentinel
This article will explain how to generate alerts and incidents for failed logins on Linux machines. This can be particularly useful to the S
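The Windows failed-login post above and this Linux one describe the same detection shape: count authentication failures per source inside a time window, raise an incident when a threshold is crossed, and consult a watchlist. The block below is an added example written for this page (not the posts' own KQL or automation) that runs that logic over constructed data: sshd `Failed password` lines in syslog format, Windows Security events as dicts with the fields a `SecurityEvent` row carries, and a hypothetical watchlist of authorised vulnerability-scanner addresses whose failures are suppressed. The year supplied to the syslog timestamps, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# --- Constructed sample data (not taken from the original posts) ------------------
LINUX_AUTH_LOG = [
    "Jan  5 10:00:01 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51222 ssh2",
    "Jan  5 10:00:03 web01 sshd[2213]: Failed password for root from 203.0.113.7 port 51230 ssh2",
    "Jan  5 10:00:04 web01 sshd[2215]: Failed password for root from 203.0.113.7 port 51231 ssh2",
    "Jan  5 10:00:09 web01 sshd[2218]: Accepted publickey for deploy from 198.51.100.9 port 40010 ssh2",
    "Jan  5 10:20:00 web01 sshd[2300]: Failed password for root from 198.51.100.9 port 40100 ssh2",
]
# Minimal fields of Windows Security events; 4625 = failed logon, 4624 = successful logon.
WINDOWS_EVENTS = [
    {"TimeGenerated": "2024-01-20T09:00:00", "EventID": 4625, "Account": "CORP\\jsmith", "IpAddress": "10.0.0.5", "Computer": "DC01"},
    {"TimeGenerated": "2024-01-20T09:00:40", "EventID": 4625, "Account": "CORP\\jsmith", "IpAddress": "10.0.0.5", "Computer": "DC01"},
    {"TimeGenerated": "2024-01-20T09:01:30", "EventID": 4625, "Account": "CORP\\jsmith", "IpAddress": "10.0.0.5", "Computer": "DC01"},
    {"TimeGenerated": "2024-01-20T09:02:00", "EventID": 4624, "Account": "CORP\\jsmith", "IpAddress": "10.0.0.5", "Computer": "DC01"},
    {"TimeGenerated": "2024-01-20T09:05:00", "EventID": 4625, "Account": "CORP\\svc_scan", "IpAddress": "10.0.0.9", "Computer": "FS01"},
    {"TimeGenerated": "2024-01-20T09:05:01", "EventID": 4625, "Account": "CORP\\svc_scan", "IpAddress": "10.0.0.9", "Computer": "FS01"},
    {"TimeGenerated": "2024-01-20T09:05:02", "EventID": 4625, "Account": "CORP\\svc_scan", "IpAddress": "10.0.0.9", "Computer": "FS01"},
]
# Hypothetical watchlist (assumption): authorised scanner addresses whose password
# failures are expected noise and are suppressed rather than turned into incidents.
SCANNER_WATCHLIST = frozenset({"10.0.0.9"})

SSHD_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_linux(lines, year=2024):
    """Normalise sshd 'Failed password' lines; successes and other lines are dropped.
    syslog timestamps carry no year, so one is supplied (an assumption)."""
    records = []
    for line in lines:
        m = SSHD_FAIL.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        records.append({"ts": ts, "host": m["host"], "user": m["user"], "ip": m["ip"]})
    return records


def parse_windows(events):
    """Normalise Windows events, keeping only EventID 4625 (failed logon)."""
    return [
        {"ts": datetime.fromisoformat(e["TimeGenerated"]), "host": e["Computer"],
         "user": e["Account"], "ip": e["IpAddress"]}
        for e in events if e["EventID"] == 4625
    ]


def failed_login_alerts(records, threshold=3, window=timedelta(minutes=5), suppress=frozenset()):
    """Sliding-window count of failures per (source IP, target host). One alert is
    emitted the first time a key reaches `threshold` failures inside `window`, so a
    long brute-force run yields a single incident rather than one per attempt.
    Sources on the suppression watchlist are skipped entirely."""
    recent = defaultdict(deque)
    fired = set()
    alerts = []
    for r in sorted(records, key=lambda r: r["ts"]):
        if r["ip"] in suppress:
            continue
        key = (r["ip"], r["host"])
        q = recent[key]
        q.append(r["ts"])
        while q and r["ts"] - q[0] > window:   # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold and key not in fired:
            fired.add(key)
            alerts.append({"ip": r["ip"], "host": r["host"], "count": len(q),
                           "user": r["user"], "last_seen": r["ts"]})
    return alerts


if __name__ == "__main__":
    all_failures = parse_linux(LINUX_AUTH_LOG) + parse_windows(WINDOWS_EVENTS)
    for a in failed_login_alerts(all_failures, suppress=SCANNER_WATCHLIST):
        print(f"ALERT {a['ip']} -> {a['host']}: {a['count']} failures by {a['last_seen']} (last user {a['user']})")
```

Keying on (source IP, target host) rather than on the account is deliberate: a password-spraying source cycles through many accounts and would never reach the threshold under a per-account key. The watchlist is applied before counting, which is the cheap place to do it; in Sentinel the equivalent is joining the query against the watchlist and filtering before the `summarize`, so suppressed sources never reach the automation step at all.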