• Push Iocs With Powershell Via Api

    Posted on August 27, 2024

    Introduction & Use Case: ⏱ In the fast-paced world of cybersecurity, the ability to swiftly respond to threats is crucial. However, even the most well-oiled Security Operations Center (SOC) can encounter hiccups, such as Role-Based Access Control (RBAC) configuration mishaps that can, for example, hinder the manual registration of Indicators... [Read More]

  • Logic Apps & Automation

    Posted on August 16, 2024

    Introduction & Use Case: In this blog post, we will explore how to leverage Azure Logic Apps to solve for a common, budget-constrained, mission-critical security use case while also reducing overhead for your SOC analysts. You’ve been charged automating the following scenario: [Read More]

  • Pim & Jita For Jumpboxes

    Posted on June 30, 2024

    Introduction & Use Case: During a regular security audit, you’ve discovered several jump boxes with network access to sensitive corporate resources (such as mission-critical production SQL databases) are exposed via RDP port 3389 to the internet and you need to lock them down. [Read More]

  • Deploy Defender For Iot Ot Network Sensor

    Posted on May 22, 2024

    Introduction & Use Case: You’ve deployed your sensors through Azure IoT Hub and onboarded your telemetry to a Log Analytics Workspace, but you’re a ninja and know there’s more to defending your shinobi dojo’s IoT infrastructure… Enter the Defender for IoT Operational Technology (OT) sensor! [Read More]

  • Gmsa Based Dsa Accounts For Defender For Identity

    Posted on April 18, 2024

    Introduction & Use Case: Leveraging Group Managed Service Accounts (gMSA) for use as the Domain Service Accounts (DSA) in your Defender for Identity deployments provides enhanced security and maximizes your coverage. In this blog post, we will breakdown and streamline gMSA account creation for use as a DSA for both... [Read More]