Aman's Blog

Bite Size Sentinel - Azure Firewall Logs

Organising Azure Firewall Logs for ingestion. If you are ingesting Azure Firewall logs into your Sentinel workspace, ensure that you have set the diagnostic settings destination table to “Resource Specific”. Benefits of...
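A quick way to confirm which destination a firewall's diagnostic setting is actually using is to compare row counts in the legacy AzureDiagnostics table against the resource-specific AZFW* tables. The KQL below is an added example written for this listing, not code from the linked post; it assumes the legacy rows carry ResourceType "AZUREFIREWALLS" and that the resource-specific tables present in the workspace are among the AZFW* tables named in the union (isfuzzy lets the query run even if some of them do not exist yet).

```kql
// Added example (not from the original post): where are Azure Firewall logs landing?
// Run in the Sentinel workspace. One row per destination table with counts over the lookback.
let lookback = 24h;
// Legacy destination: everything goes into AzureDiagnostics, split only by Category.
let legacy = AzureDiagnostics
    | where TimeGenerated > ago(lookback)
    | where ResourceType == "AZUREFIREWALLS"
    | extend Table = "AzureDiagnostics (legacy)"
    | summarize Rows = count(), Firewalls = dcount(_ResourceId) by Table, Category;
// Resource-specific destination: each log category has its own typed table.
// isfuzzy=true keeps the query valid if a table has not been created in this workspace yet.
let dedicated = union isfuzzy=true
        AZFWNetworkRule, AZFWApplicationRule, AZFWNatRule,
        AZFWDnsQuery, AZFWThreatIntel, AZFWIdpsSignature
    | where TimeGenerated > ago(lookback)
    | extend Table = Type, Category = ""
    | summarize Rows = count(), Firewalls = dcount(_ResourceId) by Table, Category;
union legacy, dedicated
| order by Rows desc
```

If the only populated row is the legacy AzureDiagnostics one, the firewall's diagnostic setting is still sending to the "Azure diagnostics" destination table and should be switched to "Resource specific"; after the change, new rows appear in the AZFW* tables while older data stays in AzureDiagnostics until it ages out.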

AI Powered SIEM Migration Experience in Sentinel

If you’ve ever been part of a SIEM migration project, you know exactly what I’m talking about when I say it’s one of the most challenging and resource-intensive projects a security team can underta...

Microsoft Sentinel 2025 Roundup

2025 has been a big year in the Microsoft Sentinel world. Microsoft has pushed Sentinel beyond its roots as a cloud-native SIEM into a central, AI-driven security operations platform tightly integr...

Automating Custom Log Ingestion into Microsoft Sentinel with Azure DevOps (Part 2)

In my last blog post, I covered how to set up the Data Collection Endpoint (DCE), create a custom table, and parse Apache logs into JSON format so they can be uploaded to Sentinel via Log Ingestion...

Automating Custom Log Ingestion into Microsoft Sentinel with Azure DevOps

Automating Custom Log Ingestion into Microsoft Sentinel with Azure DevOps (Part 1) Recently, one of my clients had an incident and I was approached to help the operations team analyse a large data set...

Who Changed the Sentinel Pricing Tier? A Real-World Costly Misconfiguration

I was working with a client recently to optimise their Sentinel deployment when I found out that their Sentinel Pricing tier was set to an incorrect pricing tier. A tier that was not suitable for t...

Azure Lighthouse Tutorial

A Step-by-Step Guide to manage multiple Sentinel workspaces using Azure Lighthouse. If you’re managing multiple Sentinel workspaces across different Azure tenants or working with clients who have ...

Sentinel Risk-Based SOC Optimization

Making Smarter Security Decisions with Risk-Based Optimization in Microsoft Sentinel Edited: In today’s fast-paced environment, security teams constantly face the challenge of alerts and potentia...

Automating Vulnerability Data Extraction from MS Defender for Endpoint using Azure DevOps

Simplifying Vulnerability Data Extraction with Azure DevOps In the realm of cybersecurity, managing vulnerabilities is a critical task. Microsoft Defender offers robust tools for monitoring and an...