Blog | Microsoft Sentinel

Aniket RT

May 56 min read

Ingest Open Source Indicators of Compromise - Threat Intel

In this blog post, I show how to ingest Open Source TI Feeds by leveraging Azure Logic Apps and Microsoft Sentinel REST API.

Aniket RT

Jan 203 min read

Detect Failed Logins on Window and leverage Watchlist and Automation using Microsoft Sentinel

This article will explain how to trigger alerts and incidents for failed logins on Windows machines.

Aniket RT

Jan 144 min read

Kusto Detective - SANS Holiday 2023

Walkthrough for Kusto Detective SANS Holiday 2023 challenge

Aniket RT

Jan 74 min read

KQL to find Geo Details and Threat Score

Threat Intelligence and find geo-details of an IP

Aniket RT

Jan 53 min read

Detect failed logins on a Linux Machine in Azure using Microsoft Sentinel

This article will explain how to generate alerts and incidents for failed logins on Linux machines. This can be particularly useful to the S