View profile

Microsoft Sentinel this Week - Issue #68

Microsoft Sentinel this Week
Microsoft Sentinel this Week - Issue #68
By Rod Trent • Issue #68 • View online
Good Friday everyone!
This Friday is especially exciting for me as I’m taking a larger chunk of my time off in one fell swoop. As of today, I’m out of office until July 11th. As the Microsoft fiscal year closes and the next one opens, this is a great time to rest, reflect and reenergize for the busy year ahead.
I’ll still be stopping in from time-to-time. As I’ve said, I enjoy my work so it’s not a burden for me to sneak away and catch up on things. I truly enjoy it.
Here’s a new opportunity this week for you to participate in making Microsoft Sentinel better.
Endpoint Data and Large-Scale Security Investigations Survey
The Sentinel engineering team is looking to understand the pain points security analysts experience as they collect endpoint data in the scope of a security investigation. They would like to understand your current obstacles when conducting these large-scale security investigations, especially around obtaining access, collecting, and analyzing relevant endpoint data.
Please help us by filling out this short survey.
My manager asked me this past week about what was on my mind. I’ll tell you what I told him – nothing. With the fiscal year at an end and a week off to enjoy friends and family, I’ve spent the last few days emptying my inbox and my thoughts.
So, as such, I don’t have a lot to share this week. There’s a lot of wonderful newsletter content and sometimes that’s enough.
Talk to you all soon.

Stuff to Read
Microsoft Sentinel — Custom Log Ingestion | by Rogier Dijkman | Jun, 2022 | Medium
Import Anomali ThreatStream Feed into Microsoft Sentinel - Microsoft Tech Community
Migration to Microsoft Sentinel made easy - Microsoft Tech Community
Microsoft Sentinel Automation Tips & Tricks – Part 1: Automation rules - Microsoft Tech Community
Re-use tables in Microsoft Sentinel Workbooks – Yet Another Security Blog
How do I determine what API Microsoft Sentinel is using? – Yet Another Security Blog
Stuff to Watch/Listen To
Tiberium Series: Automate Everything - Microsoft Experts talking Security Automation. Rod Trent
Stuff that's New
Microsoft Sentinel skill-up training | Microsoft Docs
Stuff That's Related
Announcing the new certification for cybersecurity architects - Microsoft Tech Community
Certification Dashboard and SC-100 News - Azure Cloud & AI Domain Blog
Azure Blob Container Threats & Attack
The 2-Minute Recap : Everything new with Security, Compliance, and Identity on Microsoft Learn - Microsoft Tech Community
How security leaders can help their teams avoid burnout - Microsoft Security Blog
Stuff from Partners
Interactive takes electrical distributor IPD Group to Azure - Services - CRN Australia
Stuff in the News
Early wins and long-term vision: Choosing Microsoft as the platform for Cheshire policing
Stuff to Have
community/geolookup at main · msandbu/community · GitHub
community/killnetkusto at main · msandbu/community · GitHub
KQL_Intune/Operational-LatestDeviceEnrollments.kql at main · ugurkocde/KQL_Intune · GitHub
Did you enjoy this issue?
Rod Trent

The Microsoft Sentinel weekly newsletter helps uncover the new and important features and news for Microsoft's cloud-based SIEM+SOAR security tool.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue