Good Friday everyone! I hope it was a good week for each of you.
Thanks for continuing this journey with our weekly get-togethers. I truly appreciate each and every one of you and the time you take during each week to contact me with questions, comments, feedback, etc.
Speaking of which, its worth highlighting something important this week. A couple newsletter issues back we delivered the “Azure Sentinel Notebooks
” edition. Since then, it became very clear that we needed a special way for customers to contact the Azure Sentinel Notebooks team at Microsoft.
So – voila!
We now have an official way for you to connect with the team. Use the email address email@example.com to provide feedback, comment, and suggestions.
I know we have a great number of Microsoft folks who subscribe to this newsletter. Just so you know…this same email address is available for you, too. :)
And, then I have one more Azure Sentinel Notebooks piece of information to cover in our newsletter preamble. The first blog post in an Azure Sentinel Notebooks Ninja series
was released shortly after last week’s newsletter issue delivered. We were planning to release Part 2 of the series prior to this week’s newsletter delivery so it could be included here - but, unfortunately that didn’t happen. Not everything follows the natural order of things. We had technical difficulties at the last minute that will push Part 2 to release next week instead. So, I apologize for that.
In Part 2, we dig into exactly what MSTICpy is and have produced a video walk-through of the Getting Started notebook that’s provided as part of the out-of-the-box experience for Azure Sentinel. Its a great read (if I do say so myself). And, because we couldn’t officially release Part 2 this week, here’s an excerpt teaser (just for newsletter subscribers) to get you all excited for it…
Many of our pre-built notebooks rely on a Python library called MSTICPy
. Originally developed by Microsoft to support Jupyter Notebooks authoring for Azure Sentinel, MSTICPy (Microsoft Threat Intelligence Python Security Tools
) is a Python library that addresses three primary requirements for security investigators and hunters: acquiring and enriching data, analyzing data, and visualizing data. MSTICPy serves to reduce the amount of code that would have to be written using other Python libraries that aren’t tailored for security. While Azure Sentinel on its own provides the ability to do much of the same, Jupyter Notebooks with MSTICpy provides deeper functionality in the following specific areas…
Tell your friends, neighbors, countrymen, and colleagues about this series. Its gonna go down in history as monumental.
That’s it for my ramblings this week. In the US, we have a 3-day weekend due to Labor Day
and while I’ll be starting creation of Part 3 of the Azure Sentinel Notebook Ninja series today, I’m gonna bump off early to begin enjoying myself.
And, hey…just so you all know. Its OK to contact me on LinkedIn
. Frankly, I wish more of you would do it. Sometimes people hesitate to do it for a number of reasons, but mostly because some feel they don’t want to bother
someone. For me, rest assured that’s not the case. I really enjoy the Azure Sentinel questions and discussions. We’re all in this together.
P.S. Azure Sentinel is not a compliance tool. (more on this later)