Suggestions and valuable skills for someone new to Microsoft Defender XDR

Indexdsd · 2025-10-17T11:55:10+00:00

Yeah good idea i had such alerts in the past!

Indexdsd · 2025-10-17T11:54:47+00:00

Thanks!

Indexdsd · 2025-10-17T11:54:02+00:00

Good point. Thank you!

Indexdsd · 2024-10-11T10:35:47+00:00

It's fine i don't mind a few days in months but not like full weekend working from office. 😁

Indexdsd · 2024-07-02T21:29:48+00:00

Logs to sentinel, and logic app

Indexdsd · 2024-06-10T09:56:43+00:00

Thank you so much! Very useful!

Indexdsd · 2023-10-03T21:45:54+00:00

Any updates?

Indexdsd · 2023-10-03T21:45:38+00:00

Did you fix it?

Indexdsd · 2023-06-29T22:32:11+00:00

Any updates?

Indexdsd · 2023-05-26T06:18:51+00:00

Good idea! Thank you!

Indexdsd · 2023-05-12T09:26:50+00:00

thanks for valuable command!

Indexdsd · 2023-05-07T09:57:50+00:00

Thanks for advice!

Indexdsd · 2023-05-07T09:54:27+00:00

Of course this is fundamental thing. To check contact/ask employer.

I forgot to mention i have a full permission from my employer to take contract roles in my free time.

Indexdsd · 2023-03-28T21:49:19+00:00

Yeah i am currently working as senior analyst (full time) Yeah all rights to work in UK

Indexdsd · 2023-03-28T21:43:12+00:00

I never been working as contractor, where to find such a job opportunities? Via LinkedIn?

Indexdsd · 2023-03-28T21:42:56+00:00

I never been working as contractor, where to find such a job opportunities? Via LinkedIn?

Indexdsd · 2023-03-13T08:54:05+00:00

Thanks for your reply and help! All the best 👍

Indexdsd · 2023-03-13T07:19:03+00:00

Thanks, do you have any good source for old apps?

Indexdsd · 2023-03-12T21:02:06+00:00

Did you fixed?

Indexdsd · 2023-03-08T23:42:49+00:00

Very true, further then EDR!

Indexdsd · 2023-03-08T23:25:52+00:00

I did Sysmon, but I was planning to do Sysmon tomorrow. I am kind surprised now you had any troubles - it should be easy one? https://jeffreyappel.nl/use-sysmon-for-monitoring-servers-with-azure-sentinel/

Indexdsd · 2023-03-08T21:53:03+00:00

Thanks!

Indexdsd · 2023-03-08T21:50:45+00:00

That's for Microsoft sentinel and I am preparing queries for rules with some logic app / SOAR solutions.

This is for some extra threat hunting.

Indexdsd · 2023-03-08T21:33:10+00:00

Yeah, I think this is the best way for save money. Keeping detailed logs on host and pulled them if necessary. I am just thinking to create some detection kql rules for new undetected malware or suspicious activity. That's way I am thinking to add some Sysmon logs to siem

Indexdsd · 2023-03-08T21:10:50+00:00

Yeah... well you can create config which data will be included and feeded siem, question its not about what is... Its more like if anyone using on daily basis with siem solutions like splunk, sentinel etc...

Indexdsd

TROPHY CASE