Author: user
AZ-500 Network Security Groups and Application Security Groups Lab
source: AZ500-AzureSecurityTechnologies Exercise 1: Create the virtual networking infrastructure Task 1: Create a virtual network…
AZ-500 Entra ID – Role Based Access Control Lab (Portal, PowerShell, Bash)
source: AZ500-AzureSecurityTechnologies Exercise 1: Create the Senior Admins group with the user account Joseph Price…
SC-200 Sentinel – Privilege escalation attack – Simulation, detection and response
source: SC-200T00A-Microsoft-Security-Operations-Analyst Part 1: Run the attack In this guide we will simulate an attacker…
SC-200 Create automation rule
In this demo we are creating an automation rule to change the severity and status…
SC-200 Collect logs from non-Azure Linux VM host to Microsoft Sentinel using Azure Arc and Syslog AMA
Step 1 – Install and configure Rsyslog. To install rsyslog on Ubuntu, execute this from…
SC-200 Connect Windows devices to Microsoft Sentinel using data connectors
source: SC-200T00A-Microsoft-Security-Operations-Analyst Task 1: Create a Windows VM in Azure. Go to Marketplace, search for…
SC-200 Configure your Microsoft Sentinel environment
source: SC-200T00A-Microsoft-Security-Operations-Analyst Task 1: Initialize the Microsoft Sentinel Workspace. Go to Log Analytics Workspace and…
Creating a Workbook (Dashboard) on Sentinel
Open Sentinel and click on Workbooks, located under the Threat management tab. Select Add…
Deploying Sentinel All In One
Sentinel All In One allows you to have a fully fledged, ready-to-use Sentinel…
Create a Honeypot VM in Azure – pt2 Investigation using Elasticsearch
Here we will conduct an investigation of one of the attacks conducted against our previously…