All SecOps at home engineering articles. Read on for articles that explain technical concepts related to Security Operations and Incident Response.
Turn e-mail notifications into Microsoft Sentinel alerts
In this article we will explore a simple way of turning e-mail notifications into Microsoft Sentinel alerts. This automation works well in situations when an MSSP manages part of your organization’s security suite and notifies your SOC about significant alerts via e-mail. …
How to Set Up Syslog Forwarding to Microsoft Sentinel (Even If You’re Not a Linux Expert)
Back when I was still an analyst, I felt pretty confident working with Microsoft Sentinel. The built-in connectors were intuitive, and I was comfortable navigating Azure. But when it came to configuring Syslog forwarders for firewall log ingestion, I didn’t know where to start. I wasn’t a Linux enthusiast, and chatting with our SIEM engineers…
Automate out-of-business-hours alert escalations using Microsoft Sentinel for less than € 15/year
Introduction With a good team, shift work can be enjoyable. However, if you take away the social aspect of working shifts (which remote work largely did), you’re left with all the health consequences and none of the fun. Add to it the overall cost of having a SOC working in shifts and the management overhead…