Happy Friday, all! Well, we’ve done it again. The delivery of the “Azure Sentinel this Week” newsletter means we’ve successfully checked off another work week.
And, its October. The holiday season is just around the corner. Everyone has their favorite time of the year, but this time of year is truly my favorite. The brisk weather, the smell of the fall season, and seasonal movies.
Most of you know I’m a movie and TV buff, but starting around October is when these things kick into high gear. It starts with Halloween and the scary movies (which I love but the wife hates), dips into Thanksgiving with things like
Planes, Trains, and Automobiles, and then crescendos with the Christmas season movies - from
A Charlie Brown Christmas to
Elf to
Christmas Vacation to name just a few. So, I’m getting extra excited. Have a favorite seasonal movie of your own? I’m happy to discuss it on Twitter. Here, I’ll make it easy for you. Just insert your own movie title and copy/paste to Twitter:
@rodtrent - my favorite seasonal movie is <your movie title here>
But, there’s also that excitement of knowing what’s coming just around the corner for Azure Sentinel. As we approach
Microsoft Ignite this year, keep your eyes peeled for subtle things. Little telltale nuances about what’s coming. We save Ignite each year for some major announcements and, believe me, Sentinel is no different. I promise you, you will be enthralled.
…
There’s just a couple things to highlight for this week before you head off into the content below.
First off, I’ve bitten the bullet and finally began treading down the ultimate rabbit hole. A long while ago a customer asked for a better way to envision its team’s cybersecurity stance, workload, and processes. That discussion birthed the idea of a “SOC Score.”
The SOC Score is essentially a daily credit score for SOCs where, based on team activities, the score can be improved. So, I have been digging into this for the past couple weeks and have made some significant progress. However, I need help with it. This help is a really simple task and just requires you to run some KQL queries in your Azure Sentinel environment and send me the results. See
https://cda.ms/2Rq to learn more.
And, if you’re not the person that does this in your environment, please pass it off to the teammate that does. I truly appreciate the help!
…
The second item to highlight is that we have just released our latest Microsoft Digital Defense Report. Over the past couple days, I’ve seen the news outlets focused on the most prevalent state-actor data. It’s Russia - go figure. But, this report contains some valuable information beyond that. I think some of the best data here is around how invested we are in security and that investment (time, money, resources) is leading the industry.
If you’re interested in this type of data, you can find the report here:
https://cda.ms/2Rr
…
OK, that’s all for this week. Enjoy the weekend and we’ll talk again next Friday.