Dylan AttacktheSOC
@DylanInfosec
Dad | Husband | Azure Security | DE&TH | IAM | Catch me outside | CultoftheIron
To the folks saying, "$25K? C'mon!". Really? With this economy and not knowing anything about this insider... Someone made a bet that 25K would get someone to move and they hit their mark. The further the waters of hardship flow, the more opportunities grow -Sun Tzu (probably)
Defender Vulnerability Management moves to Exposure management. If you miss something, here is a handy chart to find it in the new menu. #XDR
The XDR table support for Data Lake works beautifully. Data stays in Advanced Hunting for 30 days for analytics while you only pay for Data Lake ingestion and storage. No more transformation overhead and you keep GRC and the IR team happy.
Everywhere you look there's something new to learn about... went to go play with dropping XDR tables into Data Lake and saw this new little button: Create and use custom Microsoft Sentinel MCP tools - learn.microsoft.com/en-us/azure/se…
Master prompts in Microsoft Copilot Studio: reusable libraries, governance, and grounded responses for consistent AI. Ready to prompt? msft.it/6019tVt4z #MSIgnite2025 #msftadvocate #CopilotStudio #PromptEngineering
If you are currently learning Cybersecurity, remember this: every professional you admire was once a confused beginner who chose not to give up. Stay consistent. Keep showing up. Your breakthrough is on the way ❤️
The second point here always drove me crazy... completely and unashamedly vibe coded an extension in about 20 minutes to just attach a "Copy KQL" button to the XDR portal whenever a KQL preview appears: github.com/AttacktheSOC/s…
It's an interesting feature, but why the hell does it:
- show me analytics rules from data connectors which I don't have in use (there isn't even a filter)
- won't let me copy the KQL query (like just fix the CSS I would assume), I just wanna copy it to test it...
Just learned from a Microsoft AE, SOC Optimization came from customers who saw the ATT&CK map in Sentinel but wanted more guidance on what the TTPs meant in context. "I see this map, but which Attack types use which chains and how do I cover THAT!?".
Microsoft Defender now prevents threats on endpoints during an attack. Predictive shielding in Defender not only responds instantly during an attack but also jumps ahead of attackers, predicting and preventing the next move before it happens with just-in-time hardening controls…
Custom data collection in Microsoft Defender for Endpoint was just announced in the November release notes. Documentation is already available: learn.microsoft.com/en-us/defender… Predictive shielding also sounds very interesting... #MDE #XDR
Starting a True Detective S01 rewatch tonight, unless someone can name something just as good to start? Doubtful but open to suggestions
"Temp-" prefixed to a rule created over a year ago
Scare someone who works in CYBERSECURITY with ONE word.
Folks in GCC-high tenants have developed a form of patience few people today could achieve.