security automation blog

newest posts

Microsoft Sentinel PowerShell Data and logging Cost Optimization

How to use Log Horizon to improve Microsoft Sentinel posture

A tutorial to using the Log Horizon tool to get an overview of your Microsoft Sentinel deployment, including logs, detection and Defender XDR integration.

Apr 16, 2026 Read more →

Microsoft Sentinel PowerShell Data and logging Cost Optimization

Update: Log Horizon

Log Horizon 0.5.0 adds self-contained HTML export, deeper transform analysis, stronger hardening, and improved CI-friendly reporting for Microsoft Sentinel.

Apr 9, 2026 Read more →

Microsoft Sentinel Data and logging Detection Engineering Cost Optimization

Building a practical log baseline

How to classify security logs into primary and secondary data, use Sentinel tiers pragmatically, and keep cost aligned with detection value.

Apr 6, 2026 Read more →

Microsoft Sentinel PowerShell Data and logging Cost Optimization

Tool Release: Log Horizon

A PowerShell module that connects to your Sentinel workspace and tells you if your logs are earning their keep.

Apr 1, 2026 Read more →

View all posts →

Tools and repositories

Microsoft Sentinel SIEM log source analyzer. Classifies tables, scores cost-vs-detection value, and generates recommendations.

MicrosoftSentinel-Scripts

Repository for publishing scripts related to Microsoft Sentinel.

misp2sentinelone

Proof of concept PowerShell functions for sending TI from MISP to SentinelOne.

Simple tool to detect Azure Lighthouse delegations and automate persistence setup.

rustymisp2sentinel

Rust tool for sending threat intelligence from MISP to Microsoft Sentinel.

Module for interacting with a MISP server using PowerShell.

pwshuploadindicatorsapi

PowerShell module for sending indicators of compromise to the Upload Indicators API (Microsoft Sentinel).

MicrosoftSentinel-Templates

Collection of ARM and other templates for Microsoft Sentinel.

Latest Update Website Update - January 2026 Jan 6