This is a very useful and helpful video, currently doing my MSc dissertation research on how Sentinel can help mitigate ransomware attacks. This video has come to the rescue; I will surely reference your work. Thank you
Thank you!
Hey Craig, really good video. For writing analytic rules in Sentinel, I was wondering if you knew of a place of reference to go to in order to check for an extensive list of names of programs, extensions, directories and other indicators to put in KQL queries for the contains, !contains, has, !has, and so on fields for different types of analytic rules we may be writing. Basically for the filtering part of any analytics rule.
Hey @tiphotisted, you can use the ones from the KQL Microsoft Docs site, they come under the data explorer section I believe :)
Really nice video, can you please share this ransomware so we can test this in my environment.
Thank you for the nice comment. Unfortunately, I cannot share the ransomware; this would be highly unethical.
Great thanks!!
Love all of it :)
Nice one... Please can you share the sample so that we can test it in our lab?
Hi Muhammad, if you have a look on GitHub you’ll be able to find some similar examples :)
Really Cool
Thank you
My best ever video.... full of positive energy...
Such a great video
Thank you