The Security Insights Show

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe The Must Learn KQL series home page: https://aka.ms/MustLearnKQL Book version: https://cda.ms/3mT Series merch store (all proceeds to St. Jude's): https://cda.ms/3vg Hands-On KQL Practice with the new Microsoft Sentinel Workbook: https://cda.ms/3Cw Microsoft Sentinel Docs Training and Skilling Resources: https://cda.ms/3Cx This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Angela Harris https://angelavharris.com/ Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Hosted by Edward Walton, Frank Grimberg, Rod Trent, Brodie Cassell Sreedhar Ande Github: https://github.com/andedevsecops 1. https://aka.ms/asnew --> up to date info on the improvements we make in the product 2. NRT Rules considerations  Detect threats quickly with near-real-time (NRT) analytics rules in Microsoft Sentinel | Microsoft Docs https://docs.microsoft.com/en-us/azure/sentinel/near-real-time-rules#considerations 3. Analytical Rules Health a. Playbook : Azure-Sentinel/Playbooks/Send-AnalyticalRulesHealthNotifications at master · Azure/Azure-Sentinel (github.com) https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Send-AnalyticalRulesHealthNotifications b. Blog: Monitoring Microsoft Sentinel Analytical Rules – Push Health Notifications - Microsoft Tech Community https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/monitoring-microsoft-sentinel-analytical-rules-push-health/ba-p/2793694 4. Guide to build Microsoft Sentinel Solutions a. Webinar: Create Your Own Microsoft Sentinel Solutions https://youtu.be/oYTgaTh_NOU b. Azure-Sentinel/Solutions at master · Azure/Azure-Sentinel (github.com) https://github.com/Azure/Azure-Sentinel/tree/master/Solutions#guide-to-building-microsoft-sentinel-solutions 5. Microsoft Sentinel Repositories demo a. Managing security content as code - Microsoft Sentinel in the Field #1 - YouTube https://www.youtube.com/watch?v=vqLqJhaFNBk Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Nathan Swift Info: https://www.youtube.com/channel/UCwFmix7vM-Awcgxku8pHxQg https://linktr.ee/swiftsolves Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: https://aka.ms/sentinelhybrid Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: https://aka.ms/appgovernancedocs Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Simple Row-Based Access Workbook: Lab Walk-Through with Azure Sentinel and Azure Data Explorer (ADX) https://techcommunity.microsoft.com/t5/azure-sentinel/simple-row-based-access-workbook-lab-walk-through-with-azure/ba-p/2804446 This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Azure Sentinel Information Model https://docs.microsoft.com/en-us/azure/sentinel/normalization https://www.youtube.com/watch?v=WoGD-JeC7ng Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Rod Trent Azure Cloud & AI Domain Blog https://azurecloudai.blog/ Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Thomas Maurer https://www.thomasmaurer.ch/ Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Guest Hosts: Rod Trent Brodie Cassell Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Guest Hosts: Rod Trent Nathan Swift Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-azure-sentinel-soc-process-framework-workbook/ba-p/2339315 This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Guests: TJ Banasik Lili Davoudian Brodie Cassell Announcing the Azure Sentinel: Zero Trust (TIC3.0) Workbook https://techcommunity.microsoft.com/t5/public-sector-blog/announcing-the-azure-sentinel-zero-trust-tic3-0-workbook/ba-p/2313761 Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Azure Sentinel webinar: Using Azure Data Explorer as Your Long Term Retention Platform of AS Logs https://www.youtube.com/watch?v=UO8zeTxgeVw This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Ninad Doshi Azure Security Lead – US Financial Services Customer Success Unit Ninad is a Security Architect on Microsoft’s Customer Success team partnering with customers to secure their operations in Azure as well as use Azure services to secure their hybrid operations. Some of work includes whitepapers like he co-authored on Incident Management Implementation Guidance: Azure and Office 365 https://www.linkedin.com/in/ninaddoshi/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Notes: Twitch https://www.twitch.tv/microsoftsecurityinsights Guests: Chris Boehm Senior Program Manager – Customer Experience Engineering Team Microsoft Jing Nghik Security and Compliance Technology Specialist Microsoft https://www.youtube.com/c/TeachJing/featured This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Matt Lowe Program Manager 2, Azure Sentinel Tech enthusiast from Chicago, now living in Boston. Former college hire Support Engineer for Azure Security in Dallas. Big fan of food, video games, hockey, and working out. Bad at self summaries. https://www.linkedin.com/in/matthew-lowe-13b61990 This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Azure Sentinel EUBA Cristhofer Romeo Munoz Program Manager II , Cloud Security Engineering Team at Microsoft Short Bio: Cristhofer Muñoz is a Program Manager II part of the Cloud and Artificial Intelligence division focusing on cloud security, explicitly Azure Sentinel. Cristhofer is passionate about directly working with organizations to strengthen their resilience and helping organizations reduce information security risks by embracing cybersecurity. IT industry certifications that Cristhofer currently holds are CISSP, E|CEH, E|CHFI, CompTIA CySa+, Security+. When he is not working with organizations, you can catch him surfing the web at a local café in NYC! LinkedIn: linkedin.com/in/crisrmunoz This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch https://www.twitch.tv/microsoftsecurityinsights This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show notes can be found on the podcast website at: http://microsoftsecurityinsights.com/ Twitch https://www.twitch.tv/microsoftsecurityinsights This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Matt Egen is a Global Black Belt and Principal Technical Specialist in Microsoft’s Security Solutions Area. He has a large number of years of experience in cybersecurity, development, and infrastructure operations. He has a cat, Sweetpea, who is a Pigeon Threat Analyst. Follow Matt on twitter: https://twitter.com/FlyingBlueMonki This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Strengthen your hybrid identity with these new Azure AD Connect releases Announcing the Cybersecurity Maturity Model Certification (CMMC) Workbook Public Preview Extending threat and vulnerability management to more devices Windows Virtual Desktop support is now generally available This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Rod Trent Cybersecurity Customer Engineer and Global Azure Sentinel SME at Microsoft LinkedIn Profile This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Links: Twitch YouTube Playlist Hunt for Azure Active Directory sign-in events Microsoft Defender for Endpoint: Automation defaults are changing Microsoft Teams DLP Playbook!!! Microsoft Defender for Identity expands support to AD FS servers What’s new: Dedicated clusters for Azure Sentinel Handling ingestion delay in Azure Sentinel scheduled alert rules The Ninja Training 2021 edition is out! This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com