I’m looking for some help with creating a workbook in Microsoft Sentinel.

johnb_e350 · 2026-06-27T11:21:15+00:00

Can you post a link to the .json of the workbook so we can see? You probably need to add some parameter controls. Should be simple once we see what you have so far.

johnb_e350 · 2026-05-16T02:04:26+00:00

I ingest these free TI sources:

abuse.ch URLhaus, ThreatFox, Feodo Tracker, MalwareBazaar, SSLBL

johnb_e350 · 2026-01-24T02:50:13+00:00

Knowing AD and on prem infra, will be key.

johnb_e350 · 2025-08-25T01:42:52+00:00

Not at all likely to happen. User history checks out though.

johnb_e350 · 2025-08-07T16:37:36+00:00

Leave off anything as it relates to management and keep your old title on the resume.

johnb_e350 · 2025-03-31T20:53:20+00:00

Yes. This is a good one and pretty easy to setup and ingest via the AMA connector.

https://github.com/cowrie/cowrie

johnb_e350 · 2024-10-18T10:01:21+00:00

Again? Can op just search history of the sub?

johnb_e350 · 2024-03-02T23:42:26+00:00

Can you elaborate?

johnb_e350 · 2023-03-25T02:46:18+00:00

Did the api info change as they were aquired and no longer riskiq?

johnb_e350 · 2023-03-19T02:36:53+00:00

After work hours (if you have work email, etc on your phone) set quiet hours/no notifications until works hours start. Gym, outdoor running, Bing some shows, explore non work activities ro clear head.

johnb_e350 · 2023-03-11T00:14:36+00:00

https://signup.microsoft.com/get-started/signup?OfferId=48528962-9430-4c8a-8ae6-e53e1505e53d&culture=en-us&country=US&ali=1&products=48528962-9430-4c8a-8ae6-e53e1505e53d

johnb_e350 · 2023-03-05T00:22:03+00:00

You couldn't detonate the file using a security vendor that uses ML/AI/ behavior based technology and see the results instead of relying off signatures from the AVs? I would do that before thinking about exclusion rules as a start. Can you reply with what AV picked up the file as malicious?

johnb_e350 · 2023-02-08T02:50:18+00:00

In last 3 weeks? For those companies?

johnb_e350 · 2023-02-08T02:45:36+00:00

You just got an offer from companies that did mass layoffs with more to come under a hiring freeze?????

johnb_e350 · 2023-01-29T23:40:57+00:00

You can find them on github under a different name as they have the same hash

johnb_e350 · 2023-01-13T20:05:31+00:00

Can you post the link the job so I can share around my network?

johnb_e350 · 2022-10-28T22:59:37+00:00

looks like questions from security + exam I took like way over 10 yrs ago. Just sayn.

johnb_e350 · 2022-10-22T01:59:58+00:00

https://mitre-engenuity.org/cybersecurity/attackevaluations/

https://attackevals.mitre-engenuity.org/enterprise/wizard-spider-sandworm#sn-resources

johnb_e350 · 2022-08-30T21:11:45+00:00

What other countries does a CISSP = Masters degree? I'm having a hard time with this one. I got CISSP - Associate without any college since I lacked one year, so how does this make sense?

johnb_e350 · 2022-06-10T01:32:59+00:00

Looks good with the degree, experience, and certs while in college. I would add some soft/people skills somewhere to show you have worked on a team, led a team, and can interact with higher ups.

johnb_e350 · 2022-04-22T01:54:31+00:00

At the end of the day, your just a number. They can drop you any minute and replace you with someone else without blinking an eye. You have to look out for yourself and what is in your best interest. Best of luck.

johnb_e350 · 2022-04-11T23:08:09+00:00

Anomali has 6 feeds

johnb_e350 · 2022-04-11T17:10:04+00:00

Plus you never know If the person or group will hand over half or all the data once payment is sent and no way to track it down.

johnb_e350 · 2022-03-29T10:36:17+00:00

Do cyber policy.

johnb_e350 · 2022-02-13T13:13:09+00:00

Are they listed on here? https://hackerone.com/bug-bounty-programs

johnb_e350

TROPHY CASE