AV Scan Results

Author: Bert-Jan Pals | Released: 10/9/2024

Identity Directory Events SID History Changed

Author: Jose Sebastián Canós | Released: 10/9/2024

Identity Directory Events ADFS DKM Property Read

Author: Jose Sebastián Canós | Released: 10/9/2024

Parsing Unified AZKV Audit Logs

Author: Jose Sebastián Canós | Released: 10/8/2024

Custom Detection Report

Author: Bert-Jan Pals | Released: 10/8/2024

Detecting Mamba 2FA Phishing As A Service

Author: Steven Lim | Released: 10/8/2024

Detect PnP Devices Connected To My Endpoint Machines

Author: Sergio Albea | Released: 10/7/2024

Identify Network Shares With Write Permissions Set To Everyone In Highly Exposed Devices

Author: Michalis Michalos | Released: 10/6/2024

Top 10 Most Sprayed UPNs By IPs And Countries Using Behaviour Analytics

Author: Steven Lim | Released: 10/6/2024

Self Signed Certificates

Author: Michalis Michalos | Released: 10/6/2024

Defender XDR Threat Hunting DNS Tunneling

Author: Steven Lim | Released: 10/5/2024

Sentinel Threat Hunting DNS Tunneling

Author: Steven Lim | Released: 10/5/2024

Threat Hunting MDE Network Intrusion Discovery

Author: Steven Lim | Released: 10/3/2024

Detecting Windows Side Loading DLL Attacks

Author: Steven Lim | Released: 10/3/2024

RMM Connection

Author: Bert-Jan Pals | Released: 10/2/2024

Missing Logs In Email Events

Author: Jose Sebastián Canós | Released: 10/2/2024

Custom Detection For CVE-2024-38200 NTLMv2 Hash Exposure

Author: Steven Lim | Released: 9/29/2024

Measuring Sentinel Watchlist Effectiveness Using Behaviour Analytics

Author: Steven Lim | Released: 9/29/2024

Entra Cross Tenant Activity Monitoring

Author: Steven Lim | Released: 9/28/2024

Custom Detection Rule For CUPS Installation In Defender XDR

Author: Steven Lim | Released: 9/27/2024

Finding Internet Facing Device With CUPS

Author: Steven Lim | Released: 9/27/2024

Check Malicious Link Or Email

Author: Jose Sebastián Canós | Released: 9/26/2024

Sign In From Suspicious IP

Author: Bert-Jan Pals | Released: 9/25/2024

Monitoring Microsoft 365 Copilot Web Search Queries With Defender XDR

Author: Steven Lim | Released: 9/25/2024

PowerShell Possible C2 Connection

Author: Ali Hussein | Released: 9/25/2024

Email Typosquatted Email Received

Author: Bert-Jan Pals | Released: 9/24/2024

Detecting Nation State Threat Actors With Custom KQL Queries

Author: Steven Lim | Released: 9/24/2024

Purview DLP Endpoint Alert Info

Author: Jose Sebastián Canós | Released: 9/23/2024

High Risk Assets With Command Line Credentials

Author: Steven Lim | Released: 9/22/2024

Monitoring Restricted Management Administrative Units Abuse

Author: Steven Lim | Released: 9/21/2024

Signature Ring Distribution

Author: Bert-Jan Pals | Released: 9/19/2024

Password Spraying Detection In Active Directory

Author: Steven Lim | Released: 9/19/2024

Purview DLP SharePoint Alert Info

Author: Jose Sebastián Canós | Released: 9/19/2024

Purview DLP OneDrive Alert Info

Author: Jose Sebastián Canós | Released: 9/19/2024

Purview DLP Exchange Alert Info

Author: Jose Sebastián Canós | Released: 9/19/2024

Purview DLP Teams Alert Info

Author: Jose Sebastián Canós | Released: 9/19/2024

Detect API Spray Attack On Your Entra High Value Assets

Author: Steven Lim | Released: 9/18/2024

Suspicious SSH Connection Inspections

Author: Sergio Albea | Released: 9/18/2024

Pivot ASR Config

Author: Bert-Jan Pals | Released: 9/17/2024

Detecting Twill Typhoon VS Code Exploit

Author: Steven Lim | Released: 9/16/2024

Detecting Windows Downdate Abuse

Author: Steven Lim | Released: 9/14/2024

Identify Suspicious Certificates In Endpoints With Zero Keysize And No Signature Algorithm

Author: Michalis Michalos | Released: 9/13/2024

Interactive Web Login

Author: Rod Trent | Released: 9/13/2024

Detect External Sources Scanning My Exposed Devices

Author: Sergio Albea | Released: 9/13/2024

MDE TVM Exposure Level

Author: Alex Verboon | Released: 9/12/2024

Office365 Recycled Restored

Author: Alex Verboon | Released: 9/12/2024

Office365 Customer Lockbox

Author: Alex Verboon | Released: 9/12/2024

Microsoft September Updates

Author: Sergio Albea | Released: 9/11/2024

Entra Roles Report

Author: Bert-Jan Pals | Released: 9/9/2024

Devtunnelcodetunneling

Author: Ali Hussein | Released: 9/9/2024