Workspace Transformation Rules in Practice

This post will show you two very useful workspace transformation rules that you can use to save money on your data ingestion in Microsoft Sentinel.

Workspace transformation rules are defined in data collection rules and use kusto query language (KQL) in order to transform data in the cloud pipeline, before ingestion into Microsoft Sentinel. [Read More]
Tags: Cyber Security, Microsoft Sentinel, Azure, Log Analytics, Workspace Transformation Rules, Data Collection Rules

Expanding on Cyber Threat Intelligence for Security Monitoring

Three levels of detection engineering using Threat Intelligence as our guiding light

This blog will serve as a guide to understanding how we can use Cyber Threat Intelligence (CTI) for detection in more ways than just raw data points. For some context, I wrote a little introduction on this topic earlier in January - the main point was that most people in... [Read More]
Tags: Cyber Security, Security Monitoring, Threat Intelligence, MISP, Cyber Threat Intelligence, Detection