Use Microsoft technology for the detection and prevention of the SolarWinds chain attack
SolarWinds has revealed how monitoring products it released earlier this year may have been tampered with in a supply chain attack. In this blog post an overview of detection methods and IOC available for the detection and prevention of the SolarWinds attack. In…
Collect Microsoft Teams activity in Azure Sentinel and start hunting
Azure Sentinel is a cloud-native security information and event manager platform. (SIEM). Sentinel uses AI to analyze large volumes of data. Azure Sentinel is developed based on existing Azure services. Log Analytics and Logic apps are part of the foundation. What is Azure…
Inzicht in Brute-force & Password spray attack via Azure Sentinel
Azure Sentinel is een cloud-native Security Information Event Management-oplossing, ook wel bekend als een SIEM-oplossing. Azure Sentinel is cloud-native ontwikkeld op het schaalbare Azure platform en maakt gebruik van meerdere bestaande Azure services. In dit blog een toelichting over de detectie van Brute-force…