Brother Carl, first of all thank you for providing such a quality content. This is the most Unique Video on youtube on Microsoft Sentinel. Request to please make more videos or a series on Sentinel. KUDOS to you CARL.👏👏👏👏👏👏👏👏👏👏
still not sure what is the adv of that solution. this query could be written on any LA workspace. and azure monitor alert setup as long as you send data to azure... such stuff like these attacks should be configured out of the box. So i must write my own KQL every time i want to monitor eg password spray attack? brute force still is unclear to me when machines are in the domain user have max 5 trys before lock.
Brother Carl, first of all thank you for providing such a quality content. This is the most Unique Video on youtube on Microsoft Sentinel. Request to please make more videos or a series on Sentinel. KUDOS to you CARL.👏👏👏👏👏👏👏👏👏👏
Thank you carl.This was helpful.pls can you do more on other network attacks and something on DLP?Thanks
still not sure what is the adv of that solution. this query could be written on any LA workspace. and azure monitor alert setup as long as you send data to azure... such stuff like these attacks should be configured out of the box. So i must write my own KQL every time i want to monitor eg password spray attack? brute force still is unclear to me when machines are in the domain user have max 5 trys before lock.
Can you do demo on sentinel detecting sql injection?