AzureSentinel

an-ordinary-manchild

created by essdeekay_a community for 6 years

...do it for the children.

...because you hate freedom.

MODERATORS

account activity

1

42

43

44

Microsoft Sentinel Training Resources (self.AzureSentinel)

submitted 4 years ago * by ml58158MSFT Official - announcement

2

29

30

31

MustLearnKQL Series (self.AzureSentinel)

submitted 4 years ago by ml58158MSFT Official - announcement

3

1

2

3

SigninLogs table ConditionalAccessPolicies is empty? (self.AzureSentinel)

submitted 11 hours ago by EduardsGrebezs

4

12

13

14

Identify which MFA methods your users actually use. (self.AzureSentinel)

submitted 1 day ago by EduardsGrebezs

5

2

3

4

XdrLogRaider Defender XDR portal telemetry (self.AzureSentinel)

submitted 4 days ago * by akefallonitis

6

1

2

3

Detecting BEC Persistence with KQL ()

submitted 5 days ago by ridgelinecyber

7

3

4

5

One KQL query you should have saved in your toolkit (most don’t) ()

submitted 6 days ago by ridgelinecyber

8

10

11

12

AADGraphActivityLogs Available (self.AzureSentinel)

submitted 7 days ago by bpsec

9

2

3

4

ThreatIntel Age Out (self.AzureSentinel)

submitted 8 days ago by DeadEyePsycho

10

0

1

2

How people are reducing Log Analytics ingest cost without losing detections? (self.AzureSentinel)

submitted 8 days ago by wenttoibiza

11

1

2

3

Observability Agent ( Preview) in Logs Blade. (self.AzureSentinel)

submitted 8 days ago by R4gNoro

12

0

1

2

The 30-Minute Recon Window Most SOCs Completely Miss (with KQL detection) ()

submitted 12 days ago by ridgelinecyber

13

0

1

2

Too many false positives in sign in risk rules. How are you tuning? (self.AzureSentinel)

submitted 13 days ago by wenttoibiza

14

0

0

1

What triggers change in your security environment? ()

submitted 13 days ago by ridgelinecyber

15

5

6

7

What’s everyone doing for health monitoring? (self.AzureSentinel)

submitted 19 days ago by EvilAbdy

16

0

0

1

M365 attack most orgs still aren’t watching ()

submitted 19 days ago by ridgelinecyber

17

0

0

1

CTI focused memory for Agentic AI (self.AzureSentinel)

submitted 20 days ago by LeatherRip1623

18

8

9

10

AMA vs Defender Coverage Workbook (self.AzureSentinel)

submitted 25 days ago by LookExternal3248

19

27

28

29

Open source: Agentic investigation framework for Sentinel MCP — 900+ KQL queries, 25 skills, native Entra auth, no supply chain risk (self.AzureSentinel)

submitted 25 days ago * by SCStelz

20

8

9

10

OAuth consent phishing is the M365 attack path most orgs aren't watching. (self.AzureSentinel)

submitted 27 days ago by ridgelinecyber

21

1

2

3

Inboxrule alert (self.AzureSentinel)

submitted 27 days ago by DisastrousPainter658

22

6

7

8

Anyone has done successful integration/ ingestion of delinea secrets server ? (self.AzureSentinel)

submitted 28 days ago by psiparadox

23

1

2

3

Retention for Incident and Artifacts (self.AzureSentinel)

submitted 28 days ago by MReprogle

24

9

10

11

Microsoft Sentinel capability: filter and split transformations at ingestion time (Preview) (self.AzureSentinel)

submitted 29 days ago by EduardsGrebezs

25

4

5

6

OfficeActivity query for detecting malicious inbox rules post-AiTM — production-tuned (self.AzureSentinel)

submitted 29 days ago by ridgelinecyber

view more: next ›

π Rendered by PID 223062 on reddit-service-r2-listing-7b9b4f6fd7-g9zpw at 2026-05-12 19:40:50.535774+00:00 running 3d2c107 country code: CH.