security automation blog

infernux.no
  • Archive
  • Presentations
  • About me

Auditing Microsoft Sentinel queries in an Azure Lighthouse-environment

Quick introduction to auditing Microsoft Sentinel queries in a cross-tenant scenario - and some things to be aware of.

Posted on August 25, 2022

Scenario [Read More]
Tags: Microsoft Sentinel, Azure Lighthouse, LAQueryLogs, AzureActivity, Audit

Assign roles to managed identities in Microsoft Sentinel playbooks using Azure Lighthouse

Grant access via Azure Lighthouse using User Access Administrator delegation, ARM-templates, pipelines and powershell.

Posted on July 6, 2022

Scenario [Read More]
Tags: Azure REST API, Microsoft Sentinel, Azure Lighthouse, ARM Template, PowerShell, Managed Identity, User Access Administrator

Create Managed Identity and assign roles using Azure Lighthouse

Create Managed Identites and grant access via Azure Lighthouse using User Access Administrator delegation.

Posted on June 7, 2022

Scenario [Read More]
Tags: Azure REST API, Microsoft Sentinel, Azure Lighthouse, ARM Template, PowerShell, Managed Identity, User Access Administrator

Deploying Automation Rules via API

Automate more of your Azure Sentinel deployment by combining the Az Powershell-module and the 2019-01-01-preview API to deploy Automation Rules from JSON-templates.

Posted on August 23, 2021

Introduction to Automation Rules [Read More]
Tags: Azure REST API, Azure Sentinel, SecurityInsights, Automation Rules, PowerShell

Securing Windows Server 2016 Exam Prep Guide (ish)

A summary of the most important aspects from the 70-744 exam

Posted on May 4, 2021

Securing Windows Server [Read More]
Tags: windows, server, Securing Windows Server 2016, exam, prep
  • ← Newer Posts
  • Older Posts →
  • Email me
  • RSS

infernuxmonster  •  2024  •  Infernux.no

Theme by beautiful-jekyll